2-77
Catalyst 3550 Multilayer Switch Command Reference
OL-8566-02
Chapter 2 Catalyst 3550 Switch Cisco IOS Commands
dot1x
dot1x
Use the dot1x global configuration command to enable IEEE 802.1x authentication globally. Use the no
form of this command to return to the default setting.
dot1x {critical {eapol | recovery delay milliseconds} | system-auth-control}
no dot1x {credentials | critical {eapol | recovery delay} | system-auth-control}
Note Though visible in the command-line help strings, the credentials name keywords are not supported.
Syntax Description
Defaults IEEE 802.1x authentication is disabled.
Command Modes Global configuration
Command History
Usage Guidelines You must enable authentication, authorization, and accounting (AAA) and specify the authentication
method list before globally enabling IEEE 802.1x authentication. A method list describes the sequence
and authentication methods to be queried to authenticate a user.
Before globally enabling IEEE 802.1x authentication on a switch, remove the EtherChannel
configuration from the interfaces on which IEEE 802.1x authentication and EtherChannel are
configured.
If you are using a device running the Cisco Access Control Server (ACS) application for IEEE 802.1x
authentication with EAP-Transparent LAN Services (TLS) and with EAP-MD5 and your switch is
running Cisco IOS Release
12.1(14)EA1, make sure that the device is running ACS Version 3.2.1 or
later.
critical {eapol |
recovery delay
milliseconds}
Configure the inaccessible authentication bypass parameters. For more
information, see the
dot1x critical (global configuration) command.
system-auth-control Enable IEEE 802.1x authentication globally on the switch.
Release Modification
12.1(14)EA1 This command was introduced.
12.2(25)SE The guest-vlan supplicant keywords were added.
12.2(25)SEE The critical {eapol | recovery delay milliseconds} keywords were added.
The guest-vlan supplicant keyword was removed.
To Next Page
Loading...
Need help?
General
