9-11
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-12
Chapter 9 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
Configuring IEEE 802.1x Authentication
These sections describe how to configure IEEE 802.1x port-based authentication on your switch:
• Default IEEE 802.1x Configuration, page 9-11
• IEEE 802.1x Configuration Guidelines, page 9-12
• Upgrading from a Previous Software Release, page 9-13
• Enabling IEEE 802.1x Authentication, page 9-14 (required)
• Configuring the Switch-to-RADIUS-Server Communication, page 9-15 (required)
• Enabling Periodic Re-Authentication, page 9-17 (optional)
• Manually Re-Authenticating a Client Connected to a Port, page 9-18 (optional)
• Changing the Quiet Period, page 9-18 (optional)
• Changing the Switch-to-Client Retransmission Time, page 9-19 (optional)
• Setting the Switch-to-Client Frame-Retransmission Number, page 9-19 (optional)
• Configuring the Host Mode, page 9-20 (optional)
• Configuring a Guest VLAN, page 9-21 (optional)
• Resetting the IEEE 802.1x Configuration to the Default Values, page 9-22 (optional)
• Configuring IEEE 802.1x Authentication, page 9-23 (optional)
• Configuring IEEE 802.1x Accounting, page 9-24 (optional)
Default IEEE 802.1x Configuration
Table 9-2 shows the default IEEE 802.1x configuration.
Table 9-2 Default IEEE 802.1x Configuration
Feature Default Setting
AAA Disabled.
RADIUS server
• IP address
• UDP authentication port
• Key
• None specified.
• 1812.
• None specified.
Switch IEEE 802.1x enable state Disabled.
Per-interface IEEE 802.1x enable state Disabled (force-authorized).
The port sends and receives normal traffic without IEEE
802.1x-based authentication of the client.
Periodic re-authentication Disabled.
Number of seconds between
re-authentication attempts
3600 seconds.
To Next Page
Loading...
