Name: Cisco Catalyst 3750
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

8-5

Catalyst 3750 Metro Switch Software Configuration Guide

78-15870-01

Chapter 8 Configuring 802.1x Port-Based Authentication

Understanding 802.1x Port-Based Authentication

If the client is successfully authenticated (receives an Accept frame from the authentication server), the

port state changes to authorized, and all frames from the authenticated client are allowed through the

port. If the authentication fails, the port remains in the unauthorized state, but authentication can be

retried. If the authentication server cannot be reached, the switch can resend the request. If no response

is received from the server after the specified number of attempts, authentication fails, and network

access is not granted.

When a client logs off, it sends an EAPOL-logoff message, causing the switch port to transition to the

unauthorized state.

If the link state of a port transitions from up to down, or if an EAPOL-logoff frame is received, the port

returns to the unauthorized state.

Supported Topologies

The 802.1x port-based authentication is supported in two topologies:

• Point-to-point

• Wireless LAN

In a point-to-point configuration (see Figure 8-1 on page 8-2), only one client can be connected to the

802.1x-enabled switch port. The switch detects the client when the port link state changes to the up state.

If a client leaves or is replaced with another client, the switch changes the port link state to down, and

the port returns to the unauthorized state.

Figure 8-3 shows 802.1x port-based authentication in a wireless LAN. The 802.1x port is configured as

a multiple-hosts port that becomes authorized as soon as one client is authenticated. When the port is

authorized, all other hosts indirectly attached to the port are granted access to the network. If the port

becomes unauthorized (re-authentication fails or an EAPOL-logoff message is received), the switch

denies access to the network to all of the attached clients. In this topology, the wireless access point is

responsible for authenticating the clients attached to it, and the wireless access point acts as a client to

the switch.

Figure 8-3 Wireless LAN Example

101227

Wireless clients

Access point

Authentication

server

(RADIUS)

Other manuals for Cisco Catalyst 3750

Command Reference1154 pages

Getting Started Guide32 pages

Hardware Installation Guide230 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 3750 and is the answer not in the manual?

Cisco Catalyst 3750 Specifications

General

Device Type	Switch
Switching Capacity	32 Gbps
Forwarding Rate	38.7 Mpps
Stacking Bandwidth	32 Gbps
RAM	128 MB
Jumbo Frame Support	Yes
Switch Type	Managed
Model	Catalyst 3750 Series
Uplink Interfaces	SFP
Form Factor	Rack-mountable
MAC Address Table Size	12, 000 entries
Routing Protocol	RIP, OSPF, EIGRP
Remote Management Protocol	SNMP, Telnet, HTTP
Features	Layer 3 switching, Layer 2 switching, auto-negotiation, BOOTP support, ARP support, VLAN support, auto-uplink (auto MDI/MDI-X), IGMP snooping, traffic shaping, MAC address filtering, Quality of Service (QoS), Jumbo Frames support, MLD snooping, Dynamic ARP Inspection (DAI), Cisco EnergyWise technology
Power over Ethernet (PoE)	PoE
Operating Temperature	-5 - 45 °C
Operating Humidity	10% to 85% non-condensing