Installation guide
Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards
How to Configure EtherSwitch HWICs
18
Cisco IOS Release 12.3(8)T4
OL-6454-01
Configuring 802.1x Authentication
This section describes how to configure 802.1x port-based authentication on an EtherSwitch HWIC:
• Understanding the Default 802.1x Configuration, page 18
• Enabling 802.1x Authentication, page 19
• Configuring the Switch-to-RADIUS-Server Communication, page 20
• Enabling Periodic Reauthentication, page 22
• Changing the Quiet Period, page 22
• Changing the Switch-to-Client Retransmission Time, page 23
• Setting the Switch-to-Client Frame-Retransmission Number, page 24
• Enabling Multiple Hosts, page 25
• Resetting the 802.1x Configuration to the Default Values, page 26
• Displaying 802.1x Statistics and Status, page 26
Understanding the Default 802.1x Configuration
Table 1 shows the default 802.1x configuration.
Table 1 Default 802.1x Configuration
Feature Default Setting
Authentication, authorization, and
accounting (AAA)
Disabled.
RADIUS server
• IP address
• UDP authentication port
• Key
• None specified.
• 1645.
• None specified.
Per-interface 802.1x enable state Disabled (force-authorized).
The port transmits and receives normal traffic without
802.1x-based authentication of the client.
Periodic reauthentication Disabled.
Number of seconds between
reauthentication attempts
3600 seconds.
Quiet period 60 seconds (number of seconds that the switch remains
in the quiet state following a failed authentication
exchange with the client).
Retransmission time 30 seconds (number of seconds that the switch should
wait for a response to an EAP request/identity frame
from the client before retransmitting the request).
Maximum retransmission number 2 times (number of times that the switch will send an
EAP-request/identity frame before restarting the
authentication process).
Multiple host support Disabled.