Chapter 10
Configuring 802.1x Port-Based Authentication
Configuring 802.1x Authentication
These sections describe how to configure 802.1x port-based authentication on your switch:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Default 802.1x Configuration
Table 10-1
Table 10-1 Default 802.1x Configuration
Feature
AAA
RADIUS server
•
•
•
Switch 802.1x enable state
Per-interface 802.1x enable state
Periodic re-authentication
Number of seconds between
re-authentication attempts
78-11380-10
Default 802.1x Configuration, page 10-9
802.1x Configuration Guidelines, page 10-10
Upgrading from a Previous Software Release, page 10-11
Enabling 802.1x Authentication, page 10-11
Configuring the Switch-to-RADIUS-Server Communication, page 10-13
Enabling Periodic Re-Authentication, page 10-14
Manually Re-Authenticating a Client Connected to a Port, page 10-15
Changing the Quiet Period, page 10-15
Changing the Switch-to-Client Retransmission Time, page 10-15
Setting the Switch-to-Client Frame-Retransmission Number, page 10-16
Configuring the Host Mode, page 10-17
Configuring a Guest VLAN, page 10-18
Resetting the 802.1x Configuration to the Default Values, page 10-18
Configuring 802.1x Authentication, page 10-19
Configuring 802.1x Accounting, page 10-20
shows the default 802.1x configuration.
IP address
UDP authentication port
Key
(required)
(optional)
(optional)
(optional)
(optional)
(optional)
(optional)
Default Setting
Disabled.
None specified.
•
•
1812.
•
None specified.
Disabled.
Disabled (force-authorized).
The port sends and receives normal traffic without
802.1x-based authentication of the client.
Disabled.
3600 seconds.
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
Configuring 802.1x Authentication
(required)
(optional)
(optional)
(optional)
(optional)
10-9