EasyManuals Logo

Cisco Catalyst 2950 Software Guide

Cisco Catalyst 2950
376 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #166 background imageLoading...
Page #166 background image
7-10
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-03
Chapter7 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Authentication
To delete the specified RADIUS server, use the no radius-server host {hostname | ip-address} global
configuration command.
This example shows how to specify the server with IP address 172.20.39.46 as the RADIUS server, to
use port 1612 as the authorization port, and to set the encryption key to rad123,matchingthekeyonthe
RADIUS server:
Switch(config)# radius-server host 172.l20.39.46 auth-port 1612 key rad123
You can globally configure the timeout, retransmission, and encryption key values for all RADIUS
servers by using the radius-server host global configuration command. If you want to configure these
options on a per-server basis, use the radius-server timeout, radius-server retransmit,andthe
radius-server key global configuration commands. For more information, see the Controlling Switch
Access with RADIUS sectiononpage6-24.
You also need to configure some settings on the RADIUS server. These settings include the IP address
of the switch and the key string to be shared by both the server and the switch. For more information,
refer to the RADIUS server documentation.
Enabling Periodic Re-Authentication
You can enable periodic 802.1X client re-authentication and specify how often it occurs. If you do not
specify a time period before enabling re-authentication, the number of seconds between
re-authentiaction attempts is 3600 seconds.
Automatic 802.1X client re-authentication is a global setting and cannot be set for clients connected to
individual ports. To manually re-authenticate the client connected to a specific port, see the Manually
Re-Authenticating a Client Connected to a Port section on page 7-11.
Beginning in privileged EXEC mode, follow these steps to enable periodic re-authentication of the client
and to configure the number of seconds between re-authentication attempts:
To disable periodic re-authentication, use the no dot1x re-authentication global configuration
command.To return to the default number of seconds between re-authentication attempts, use the no
dot1x timeout re-authperiod global configuration command.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
dot1x re-authentication Enable periodic re-authentication of the client, which is disabled by
default.
Step 3
dot1x timeout re-authperiod seconds Set the number of seconds between re-authentication attempts.
The range is 1 to 4294967295; the default is 3600 seconds.
This command affects the behavior of the switch only if periodic
re-authentication is enabled.
Step 4
end Return to privileged EXEC mode.
Step 5
show dot1x Verify your entries.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.

Table of Contents

Other manuals for Cisco Catalyst 2950

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 2950 and is the answer not in the manual?

Cisco Catalyst 2950 Specifications

General IconGeneral
Forwarding Bandwidth8.8 Gbps
Switching Capacity13.6 Gbps
Forwarding Rate6.6 Mpps
Weight3.6 kg
RAM16 MB
Flash Memory8 MB
Operating Humidity10% to 85% non-condensing
Uplink Ports2 x 10/100/1000Base-T
Dimensions4.4 cm x 44.5 cm x 24.2 cm
Remote Management ProtocolSNMP, Telnet, HTTP
FeaturesQuality of Service (QoS), VLAN support
Compliant StandardsIEEE 802.3, IEEE 802.3u, IEEE 802.1D, IEEE 802.1Q, IEEE 802.1p
Status Indicatorssystem
Operating Temperature0 to 45°C
Ports24 x 10/100 Ethernet ports
MAC Address Table Size8, 192 entries
Power SupplyInternal 100-240V AC, 50-60Hz

Related product manuals