PurposeCommand or Action
Specifies the port to be configured, and enter interface
configuration mode.
interface interface-id
Example:
Switch(config)# interface gigabitethernet2/0/3
Step 2
Sets the port to access mode only if you configured the
RADIUS server.
switchport mode access
Example:
Switch(config-if)# switchport mode access
Step 3
Specifies an active VLAN as an 802.1x guest VLAN. The
range is 1 to 4094.
authentication event no-response action authorize vlan
vlan-id
Step 4
Example:
Switch(config-if)# authentication event
You can configure any active VLAN except an internal
VLAN (routed port), an RSPAN VLAN, or a voice VLAN
as an 802.1x guest VLAN.
no-response action authorize vlan 8
Enables periodic re-authentication of the client, which is
disabled by default.
authentication periodic
Example:
Switch(config-if)# authentication periodic
Step 5
Sets re-authentication attempt for the client (set to one
hour).
authentication timer reauthenticate
Example:
Switch(config-if)# authentication timer
Step 6
This command affects the behavior of the switch only if
periodic re-authentication is enabled.
reauthenticate
Returns to privileged EXEC mode.end
Example:
Switch(config-if)# end
Step 7
Verifies your entries.
show authentication sessions interface interface-id
Example:
Switch# show authentication sessions interface
Step 8
gigabitethernet2/0/3
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
338 OL-29048-01
Configuring IEEE 802.1x Port-Based Authentication
Configuring NAC Layer 2 802.1x Validation
To Next Page
Loading...
