9-22
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-12
Chapter 9 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
Beginning in privileged EXEC mode, follow these steps to enable the optional guest VLAN behavior
and to configure a guest VLAN. This procedure is optional.
To disable the optional guest VLAN behavior, use the no dot1x guest-vlan supplicant global
configuration command. To remove the guest VLAN, use the no dot1x guest-vlan interface
configuration command. The port returns to the unauthorized state.
This example shows how enable the optional guest VLAN behavior and to specify VLAN 5 as an IEEE
802.1x guest VLAN:
Switch(config)# dot1x guest-vlan supplicant
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# dot1x guest-vlan 5
Resetting the IEEE 802.1x Configuration to the Default Values
Beginning in privileged EXEC mode, follow these steps to reset the IEEE 802.1x configuration to the
default values.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
dot1x guest-vlan supplicant Enable the optional guest VLAN behavior globally on the switch.
Step 3
interface interface-id Specify the port to be configured, and enter interface configuration mode.
For the supported port types, see the “IEEE 802.1x Configuration
Guidelines” section on page 9-12.
Step 4
switchport mode access Set the port to access mode.
Step 5
dot1x port-control auto Enable IEEE 802.1x authentication on the port.
Step 6
dot1x guest-vlan vlan-id Specify an active VLAN as an IEEE 802.1x guest VLAN. The range is 1
to 4094.
You can configure any active VLAN except an RSPAN VLAN or a voice
VLAN as an IEEE 802.1x guest VLAN.
Step 7
end Return to privileged EXEC mode.
Step 8
show dot1x interface interface-id Verify your entries.
Step 9
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface interface-id Specify the interface to be configured, and enter interface configuration
mode.
Step 3
dot1x default Reset the configurable IEEE 802.1x parameters to the default values.
Step 4
end Return to privileged EXEC mode.
Step 5
show dot1x interface interface-id Verify your entries.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.
To Next Page
Loading...
