X Host Mode - Cisco Catalyst 4500 Series Configuration Manual
Release ios xe 3.3.0sg and ios 15.1(1)sg
Hide thumbs
Also See for Catalyst 4500 Series:
- Software configuration manual (2086 pages) ,
- Administration manual (1814 pages) ,
- Configuration manual (1254 pages)
Table of Contents
Advertisement
About 802.1X Port-Based Authentication
Figure 44-3 Authentication Flowchart
Authentication
servers are up.
802.1X Host Mode
The 802.1X port's host mode determines whether more than one client can be authenticated on the port
and how authentication is enforced. You can configure an 802.1X port to use any of the five host modes
described in the following sections. In addition, each mode can be modified to allow preauthentication
open access:
•
•
•
•
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
44-6
Start
Client IEEE
802.1x capable?
Yes
Start IEEE 802.1x port-based
authentication
Client
identity is
invalid
Assign port to
Assign port to
restricted VLAN
Done
All authentication
servers are down.
Assign port to
critically authorized
VLAN
Done
Single-Host Mode, page 44-7
Multiple-Hosts Mode, page 44-7
Multidomain Authentication Mode, page 44-7
Multiauthentication Mode, page 44-8
Chapter 44
No
IEEE 802.1x authentication
process times out
The switch gets an
EAPOL message,
and the EAPOL
message exchange
begins.
Client
identity is
valid
VLAN
Done
1 = This occurs if the switch does not detect EAPOL packets from the client.
Configuring 802.1X Port-Based Authentication
Is MAC authentication
bypass enabled?
Yes
Use MAC authentication
1
bypass
Client MAC
Client MAC
address
address
identity
identity
is valid.
is invalid.
Assign port to
Assign port to
VLAN
guest VLAN
Done
All authentication
servers are down.
1
No
1
Done
OL-25340-01
- Quick Links:
- Resetting a Switch to Factory Default...
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
