System information
2-96
Configuring the Switch
2
• authentication dot1x* – Sets the default authentication server type. Note the
specified authentication server type must be enabled and properly configured for
dot1x to function properly. (Options: radius)
* CLI only.
Web - Select 802.1X, 802.1X Configuration. Enable dot1x globally for the switch,
modify any of the parameters as required, and then click Apply.
.
Figure 2-61. Configuring 802.1x
CLI – This example enables re-authentication and sets all of the global parameters
for dot1x.
Configuring Port Authorization Mode
When dot1x is enabled, you need to specify the dot1x authentication mode
configured for each port.
Command Attributes
• Status - Indicates if authentication is enabled or disabled on the port.
• Mode – Sets the authentication mode to one of the following options:
- Auto – Requires a dot1x-aware client to be authorized by the authentication
server. Clients that are not dot1x-aware will be denied access.
- Force-Authorized – Forces the port to grant access to all clients, either
dot1x-aware or otherwise.
- Force-Unauthorized – Forces the port to deny access to all clients, either
dot1x-aware or otherwise.
Console(config)#dot1x max-req 5 3-137
Console(config)#dot1x re-authentication 3-139
Console(config)#dot1x timeout quiet-period 40 3-139
Console(config)#dot1x timeout re-auth 5 3-140
Console(config)#dot1x timeout tx-period 40 3-140
Console(config)#authentication dot1x default radius 3-137
Console(config)#