Specifications

ManualsBrandsCisco ManualsComputer equipmentIOS XE Intelligent Services

131

132

133

134

135

136

137

138

139

140

Cisco HWIC-4ESW and HWIC-D-9ESW EtherSwitch Interface Cards

How to Configure EtherSwitch HWICs

To disable AAA, use the no aaa new-model global configuration command. To disable 802.1x AAA

authentication, use the no aaa authentication dot1x {default | list-name} method1 [method2...] global

configuration command. To disable 802.1x, use the dot1x port-control force-authorized or the no

dot1x port-control interface configuration command.

Configuring the Switch-to-RADIUS-Server Communication

RADIUS security servers are identified by their host name or IP address, host name and specific UDP

port numbers, or IP address and specific UDP port numbers. The combination of the IP address and UDP

port number creates a unique identifier, which enables RADIUS requests to be sent to multiple UDP

ports on a server at the same IP address. If two different host entries on the same RADIUS server are

Step 3

aaa authentication dot1x {default | listname}

method1 [method2...]

Example:

Router(config)# aaa authentication dot1x

default newmethod

Creates an 802.1x authentication method list.

• To create a default list that is used when a named list is

not specified in the authentication command, use the

default keyword followed by the methods that are to be

used in default situations. The default method list is

automatically applied to all interfaces.

• Enter at least one of these keywords:

–

group radius—Use the list of all RADIUS servers

for authentication.

–

none—Use no authentication. The client is

automatically authenticated without the switch

using the information supplied by the client.

Step 4

interface interface-id

Example:

Router(config)# interface 0/1/3

Enters interface configuration mode and specifies the

interface to be enabled for 802.1x authentication.

Step 5

dot1x port-control auto

Example:

Router(config-if)# dot1x port-control auto

Enables 802.1x on the interface.

• For feature interaction information with trunk,

dynamic, dynamic-access, EtherChannel, secure, and

SPAN ports see the “802.1x Configuration Guidelines”

section on page 24.

Step 6

end

Example:

Router(config-if)# end

Returns to privileged EXEC mode.

Step 7

show dot1x

Example:

Router# show dot1x

Verifies your entries.

Step 8

copy running-config startup-config

Example:

Router# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Command or Action Purpose