Name: Cisco Catalyst 3560-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

1-34

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-25303-03

Chapter 1 Configuring IEEE 802.1x Port-Based Authentication

Understanding IEEE 802.1x Port-Based Authentication

Figure 1-6 Authenticator and Supplicant Switch using CISP

Guidelines

• You can configure NEAT ports with the same configurations as the other authentication ports. When

the supplicant switch authenticates, the port mode is changed from access to trunk based on the

switch vendor-specific attributes (VSAs). (device-traffic-class=switch).

• The VSA changes the authenticator switch port mode from access to trunk and enables 802.1x trunk

encapsulation and the access VLAN if any would be converted to a native trunk VLAN. VSA does

not change any of the port configurations on the supplicant

• To change the host mode and the apply a standard port configuration on the authenticator switch

port, you can also use AutoSmart ports user-defined macros, instead of the switch VSA. This allows

you to remove unsupported configurations on the authenticator switch port and to change the port

mode from access to trunk. For more information, see the Auto Smartports Configuration Guide for

this release.

For more information, see the “Configuring an Authenticator and a Supplicant Switch with NEAT”

section on page 1-69.

Voice Aware 802.1x Security

You use the voice aware 802.1x security feature to configure the switch to disable only the VLAN on

which a security violation occurs, whether it is a data or voice VLAN. In previous releases, when an

attempt to authenticate the data client caused a security violation, the entire port shut down, resulting in

a complete loss of connectivity.

You can use this feature in IP phone deployments where a PC is connected to the IP phone. A security

violation found on the data VLAN results in the shutdown of only the data VLAN. The traffic on the

voice VLAN flows through the switch without interruption.

For information on configuring voice aware 802.1x security, see the “Configuring Voice Aware 802.1x

Security” section on page 1-42.

1 Workstations (clients) 2 Supplicant switch (outside wiring closet)

3 Authenticator switch 4 Access control server (ACS)

5 Trunk port

205718

2 3

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General

Enclosure Type	Rack-mountable - 1U
Subtype	Gigabit Ethernet
Ports	48 x 10/100/1000 + 4 x SFP
Flash Memory	64 MB
Power Device	Internal power supply
Voltage Required	AC 120/230 V (50/60 Hz)
Operating System	Cisco IOS
Device Type	Switch
Performance	Switching capacity: 128 Gbps
Jumbo Frame Support	Yes
Routing Protocol	RIP-1, RIP-2, EIGRP
Remote Management Protocol	SNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
Features	DHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant Standards	IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
Stacking	Stackable
Security Features	SSH, RADIUS, TACACS+
Management	CLI
Dimensions (H x W x D)	17.5 in
Operating Temperature	32 to 113 °F (0 to 45 °C)
Humidity	10 - 95% (non-condensing)