Installation guide
Configuring the Switch
3-90
3
• Each switch port that will be used must be set to dot1X “Auto” mode.
• Each client that needs to be authenticated must have dot1X client software
installed and properly configured.
• The RADIUS server and 802.1X client support EAP. (The switch only supports
EAPOL in order to pass the EAP packets from the server to the client.)
• The RADIUS server and client also have to support the same EAP authentication
type – MD5, PEAP, TLS, or TTLS. (Some clients have native support in the
operating system, otherwise the dot1x client must support the required
authentication method.)
Displaying 802.1X Global Settings
The 802.1X protocol provides port-based client authentication.
Command Attributes
802.1X System Authentication Control – The global setting for 802.1X.
Web – Click Security, 802.1X, Information.
Figure 3-51 802.1X Global Information
CLI – This example shows the default global setting for 802.1X.
Console#show dot1x 4-137
Global 802.1X Parameters
system-auth-control: enable
802.1X Port Summary
Port Name Status Operation Mode Mode Authorized
1/1 disabled Single-Host ForceAuthorized n/a
1/2 disabled Single-Host ForceAuthorized n/a
.
.
.
802.1X Port Details
802.1X is disabled on port 1/1
.
.
.
802.1X is disabled on port 1/24
Console#