User's Manual
Table Of Contents
- Chapter 1: Introduction 1-1
- Chapter 1: Introduction
- Chapter 2: Hardware Installation
- Chapter 3: Network Configuration
- Chapter 4: Initial Configuration
- Chapter 5: System Configuration
- Chapter 6: Command Line Interface
- Using the Command Line Interface
- Entering Commands
- Command Groups
- General Commands
- System Management Commands
- System Logging Commands
- System Clock Commands
- DHCP Relay Commands
- SNMP Commands
- snmp-server community
- snmp-server contact
- snmp-server location
- snmp-server enable server
- snmp-server host
- snmp-server trap
- snmp-server engine-id
- snmp-server user
- snmp-server targets
- snmp-server filter
- snmp-server filter-assignments
- show snmp groups
- show snmp users
- show snmp group-assignments
- show snmp target
- show snmp filter
- show snmp filter-assignments
- show snmp
- Flash/File Commands
- RADIUS Client
- 802.1X Authentication
- MAC Address Authentication
- Filtering Commands
- WDS Bridge Commands
- Spanning Tree Commands
- Ethernet Interface Commands
- Wireless Interface Commands
- interface wireless
- vap
- speed
- multicast-data-rate
- channel
- transmit-power
- radio-mode
- preamble
- antenna control
- antenna id
- antenna location
- beacon-interval
- dtim-period
- fragmentation-length
- rts-threshold
- super-g
- description
- ssid
- closed-system
- max-association
- assoc-timeout-interval
- auth-timeout-value
- shutdown
- show interface wireless
- show station
- Rogue AP Detection Commands
- Wireless Security Commands
- Link Integrity Commands
- IAPP Commands
- VLAN Commands
- WMM Commands
- Appendix A: Troubleshooting
- Appendix B: Cables and Pinouts
- Appendix C: Specifications
- Glossary
- Index
802.1X Authentication
6-65
6
802.1X Authentication
The access point supports IEEE 802.1X access control for wireless clients. This
control feature prevents unauthorized access to the network by requiring an 802.1X
client application to submit user credentials for authentication. Client authentication
is then verified by a RADIUS server using EAP (Extensible Authentication Protocol)
before the access point grants client access to the network. The 802.1X EAP
packets are also used to pass dynamic unicast session keys and static broadcast
keys to wireless clients.
802.1x
This command configures 802.1X as optionally supported or as required for wireless
clients. Use the no form to disable 802.1X support.
Syntax
802.1x <supported | required>
no 802.1x
• supported - Authenticates clients that initiate the 802.1X authentication
process. Uses standard 802.11 authentication for all others.
• required - Requires 802.1X authentication for all clients.
Default Setting
Disabled
Table 6-12. 802.1X Authentication
Command Function Mode Page
802.1x Configures 802.1X as disabled, supported, or required IC-W-VAP 6-65
802.1x broadcast-key-
refresh-rate
Sets the interval at which the primary broadcast keys are
refreshed for stations using 802.1X dynamic keying
IC-W-VAP 6-66
802.1x session-key-
refresh-rate
Sets the interval at which unicast session keys are
refreshed for associated stations using dynamic keying
IC-W-VAP 6-67
802.1x session-timeout Sets the timeout after which a connected client must be
re-authenticated
IC-W-VAP 6-67
802.1x-supplicant enable Enables the access point to operate as a 802.1X
supplicant
GC 6-68
802.1x-supplicant user Sets the supplicant user name and password for the
access point
GC 6-68
show authentication Shows all 802.1X authentication settings, as well as the
address filter table
Exec 6-68