Configuring A Guest Vlan; Resetting The 802.1X Configuration To The Default Values - Cisco 2950 - Catalyst Switch Configuration Manual
Software configuration guide
Hide thumbs
Also See for 2950 - Catalyst Switch:
- Command reference manual (686 pages) ,
- Software configuration manual (674 pages) ,
- Software manual (376 pages)
Table of Contents
Advertisement
Configuring 802.1x Authentication
Configuring a Guest VLAN
For switches running the EI, when you configure a guest VLAN, clients that are not 802.1x-capable are
put into the guest VLAN when the server does not receive a response to its EAPOL request/identity
frame. Clients that are 802.1x-capable but fail authentication are not granted access to the network. The
switch supports guest VLANs in single-host or multiple-hosts mode.
Beginning in privileged EXEC mode, follow these steps to configure a guest VLAN. This procedure is
optional.
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
dot1x guest-vlan vlan-id
Step 4
end
Step 5
show dot1x interface interface-id
Step 6
copy running-config startup-config
To disable and remove the guest VLAN, use the no dot1x guest-vlan interface configuration command.
The port returns to the unauthorized state.
This example shows how to enable VLAN 9 as an 802.1x guest VLAN on a port:
Switch(config)# interface fastethernet0/1
Switch(config-if)# dot1x guest-vlan 9
This example shows how to set 3 as the quiet time on the switch, to set 15 as the number of seconds that
the switch waits for a response to an EAP-request/identity frame from the client before resending the
request, and to enable VLAN 2 as an 802.1x guest VLAN when an 802.1x port is connected to a DHCP
client:
Switch(config-if)# dot1x timeout quiet-period 3
Switch(config-if)# dot1x timeout tx-period 15
Switch(config-if)# dot1x guest-vlan 2
Resetting the 802.1x Configuration to the Default Values
Beginning in privileged EXEC mode, follow these steps to reset the 802.1x configuration to the default
values.
Command
Step 1
configure terminal
Step 2
interface interface-id
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
10-18
Chapter 10
Purpose
Enter global configuration mode.
Specify the interface to be configured, and enter interface configuration
mode. For the supported interface types, see the
Guidelines" section on page
Specify an active VLAN as an 802.1x guest VLAN. The range is 1 to
4094.
Any VLAN can be configured as an 802.1x guest VLAN except RSPAN
VLANs or voice VLANs.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Specify the interface to be configured, and enter interface configuration
mode.
Configuring 802.1x Port-Based Authentication
"802.1x Configuration
10-10.
78-11380-10
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
