System information
9
Configuring Port-Based Access Control
(802.1x)
Contents
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
How 802.1x Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7
General Operating Rules and Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-9
General Setup Procedure for Port-Based Access Control
(802.1x) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-11
Configuring Switch Ports as 802.1x Authenticators . . . . . . . . . . . . 9-14
802.1x Open VLAN Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-20
Option For Authenticator Ports: Configure Port-Security
To Allow Only 802.1x Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-31
Configuring Switch Ports To Operate As Supplicants for
802.1x Connections to Other Switches . . . . . . . . . . . . . . . . . . . . . . . . 9-33
Displaying 802.1x Configuration, Statistics, and Counters . . . . . . 9-37
How RADIUS/802.1x Authentication Affects VLAN Operation . . 9-43
Messages Related to 802.1x Operation . . . . . . . . . . . . . . . . . . . . . . . . 9-47
9-1