
Cisco Catalyst 4500 Series Software Configuration Guide

Cisco Catalyst 4500 Series
2086 pages
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 49: Configuring 802.1X Port-Based Authentication
This chapter describes how to configure IEEE 802.1X port-based authentication on the Catalyst 4500 series switch to prevent
unauthorized client devices from gaining access to the network.
This chapter includes the following major sections:
• About 802.1X Port-Based Authentication, page 49-1
• Configuring 802.1X Port-Based Authentication, page 49-26
• Controlling Switch Access with RADIUS, page 49-95
• Configuring Device Sensor, page 49-115
• Displaying 802.1X Statistics and Status, page 49-123
• Displaying Authentication Details, page 49-123
• Cisco IOS Security Features, page 49-128
Note: For complete syntax and usage information for the switch commands used in this chapter, see the
Cisco IOS Command Reference Guides for the Catalyst 4500 Series Switch.
If a command is not in the Cisco Catalyst 4500 Series Switch Command Reference, you can locate it in
the Cisco IOS Master Command List, All Releases.
About 802.1X Port-Based Authentication
802.1X defines 802.1X port-based authentication as a client-server based access control and authentication protocol that
restricts unauthorized clients from connecting to a LAN through publicly accessible ports. An authentication server validates
each supplicant (client) connected to an authenticator (network access switch) port before making available any services
offered by the switch or the LAN.
Note: 802.1X support requires an authentication server that is configured for Remote Authentication Dial-In
User Service (RADIUS). 802.1X authentication does not work unless the network access switch can
route packets to the configured RADIUS server. To verify that the switch can route packets, you must
ping the server from the switch.
Until a client is authenticated, only Extensible Authentication Protocol over LAN (EAPOL) traffic is allowed using the port to
which the client is connected. After authentication succeeds, normal traffic can pass using the port.
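
The following is an added example, not taken from the Cisco guide: a simplified Python model of the port behavior just described, in which an unauthorized port passes only EAPOL frames (EtherType 0x888E) to the authenticator and forwards other traffic only after authentication succeeds. The class name, function names, return strings, and sample frames are constructed for illustration and do not represent switch internals.

```python
import struct

ETHERTYPE_EAPOL = 0x888E  # EtherType assigned to EAPOL (IEEE 802.1X)
ETHERTYPE_VLAN = 0x8100   # 802.1Q tag; the real EtherType follows the tag

def ethertype(frame: bytes) -> int:
    """Return the frame's EtherType, looking past one 802.1Q tag if present."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (etype,) = struct.unpack_from("!H", frame, 12)
    if etype == ETHERTYPE_VLAN:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        (etype,) = struct.unpack_from("!H", frame, 16)
    return etype

class AuthenticatorPort:
    """Simplified model of one switch port acting as 802.1X authenticator."""
    def __init__(self) -> None:
        self.authorized = False  # a port starts out unauthorized

    def auth_result(self, success: bool) -> None:
        self.authorized = success  # verdict from the authentication server

    def ingress(self, frame: bytes) -> str:
        """Decide what happens to a frame received from the client."""
        try:
            etype = ethertype(frame)
        except ValueError:
            return "drop"  # malformed frames never pass
        if etype == ETHERTYPE_EAPOL:
            return "authenticator"  # EAPOL is always handed to 802.1X
        return "forward" if self.authorized else "drop"

def eth(etype, payload, vlan=None):  # constructed sample frame; MACs are made up
    dst, src = bytes.fromhex("020000000002"), bytes.fromhex("020000000001")
    tag = b"" if vlan is None else struct.pack("!HH", ETHERTYPE_VLAN, vlan)
    return dst + src + tag + struct.pack("!H", etype) + payload

EAPOL_START = eth(ETHERTYPE_EAPOL, bytes([1, 1, 0, 0]))  # version 1, type 1 (Start)
IPV4_DATA = eth(0x0800, b"\x45" + bytes(19))
TAGGED_ARP = eth(0x0806, bytes(28), vlan=10)

def demo():
    port = AuthenticatorPort()
    before = [port.ingress(f) for f in (EAPOL_START, IPV4_DATA, TAGGED_ARP)]
    port.auth_result(True)  # authentication succeeded
    after = [port.ingress(f) for f in (IPV4_DATA, TAGGED_ARP)]
    return before + after
```
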
To configure 802.1X port-based authentication, you need to understand the concepts in these sections:
• Device Roles, page 49-2
• 802.1X and Network Access Control, page 49-3
• Authentication Initiation and Message Exchange, page 49-4


Cisco Catalyst 4500 Series Specifications

General
Series: Catalyst 4500 Series
Category: Switch
Layer Support: Layer 2, Layer 3
Form Factor: Modular chassis
Stackable: No
Chassis Slots: 3, 6, 7, 10
Power Supply Options: AC, DC
Redundancy: Power supply, Supervisor engine
Network Management: Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features: Security, QoS
Port Density: Up to 384 ports per chassis
Security Features: 802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine: 8-E
