Beginning in privileged EXEC mode, follow these steps to configure the security violation actions on the
switch:
SUMMARY STEPS
1.
configure terminal
2.
aaa new-model
3.
aaa authentication dot1x {default} method1
4.
interface interface-id
5.
switchport mode access
6.
authentication violation {shutdown | restrict | protect | replace}
7.
end
DETAILED STEPS
PurposeCommand or Action
Enters the global configuration mode.configure terminal
Example:
Switch# configure terminal
Step 1
Enables AAA.aaa new-model
Example:
Switch(config)# aaa new-model
Step 2
Creates an 802.1x authentication method list.
aaa authentication dot1x {default} method1
Step 3
Example:
Switch(config)# aaa authentication dot1x
To create a default list that is used when a named list is not specified
in the authentication command, use the default keyword followed
by the method that is to be used in default situations. The default
method list is automatically applied to all ports.
default group radius
For method1, enter the group radius keywords to use the list of all
RADIUS servers for authentication.
Though other keywords are visible in the command-line help
string, only the group radius keywords are supported.
Note
Specifies the port connected to the client that is to be enabled for
IEEE 802.1x authentication, and enter interface configuration mode.
interface interface-id
Example:
Switch(config)# interface
Step 4
gigabitethernet1/0/4
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1360
How to Configure 802.1x Port-Based Authentication
To Next Page
Loading...
Need help?
General
