EasyManua.ls Logo

Cisco 3032 - Configuring an Authenticator and a Supplicant Switch with NEAT

Cisco 3032
1354 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
9-58
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
OL-12247-04
Chapter 9 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
This example shows how to configure NAC Layer 2 802.1x validation:
Switch# configure terminal
Switch(config)# interface gigabitethernet2/0/1
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x timeout reauth-period server
Configuring an Authenticator and a Supplicant Switch with NEAT
Configuring this feature requires that one switch outside a wiring closet is configured as a supplicant and
is connected to an authenticator switch.
For overview information, see the ā€œ802.1x Supplicant and Authenticator Switches with Network Edge
Access Topology (NEAT)ā€ section on page 9-30.
Note The cisco-av-pairs must be configured as device-traffic-class=switch on the ACS, which sets the
interface as a trunk after the supplicant is successfully authenticated.
Beginning in privileged EXEC mode, follow these steps to configure a switch as an authenticator:
Step 6
end Return to privileged EXEC mode.
Step 7
show authentication interface-id
or
show dot1x interface interface-id
Verify your 802.1x authentication configuration.
Step 8
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
cisp enable Enable CISP.
Step 3
interface interface-id Specify the port to be configured, and enter interface configuration
mode.
Step 4
switchport mode access Set the port mode to access.
Step 5
authentication port-control auto Set the port-authentication mode to auto.
Step 6
dot1x pae authenticator Configure the interface as a port access entity (PAE) authenticator.
Step 7
spanning-tree portfast Enable Port Fast on an access port connected to a single workstation or
server.
Step 8
end Return to privileged EXEC mode.
Step 9
show running-config interface
interface-id
Verify your configuration.
Step 10
copy running-config startup-config (Optional) Save your entries in the configuration file.

Table of Contents

Related product manuals