10-59
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
OL-26520-01
Chapter 10 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
Configuring MAC Authentication Bypass
Beginning in privileged EXEC mode, follow these steps to enable MAC authentication bypass. This
procedure is optional.
To disable MAC authentication bypass, use the no authentication order interface configuration
command.
This example shows how to enable MAC authentication bypass:
Switch(config-if)# authentication order
Configuring 802.1x User Distribution
Beginning in global configuration, follow these steps to configure a VLAN group and to map a VLAN
to it:
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface interface-id Specify the port to be configured, and enter interface configuration mode.
For the supported port types, see the “802.1x Authentication
Configuration Guidelines” section on page 10-38.
Step 3
authentication port-control auto Enable 802.1x authentication on the port.
Step 4
authentication order [mab] {webauth} Set the order of authentication methods.
• mab—Add MAC authentication bypass (MAB) to the order of
authentication methods.
• webauth—Add web authentication to the order of authentication
methods.
Step 5
end Return to privileged EXEC mode.
Step 6
show authentication interface
interface-id
Verify your entries.
Step 7
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step 1
vlan group vlan-group-name vlan-list vlan-list Configure a VLAN group, and map a single VLAN or a range of
VLANs to it.
Step 2
show vlan group all vlan-group-name Verify the configuration.
Step 3
no vlan group vlan-group-name vlan-list
vlan-list
Clear the VLAN group configuration or elements of the VLAN
group configuration.
To Next Page
Loading...
Need help?
General
