EasyManua.ls Logo

Cisco Catalyst 4500 Series - Page 1359

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
49-79
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 49 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
This example shows how to enable 802.1X fallback to MAB, and then to enable web-based authentication, on an
802.1X-enabled port:
Switch(config)# ip admission name rule1 proxy http
Switch(config)# fallback profile fallback1
Switch(config-fallback-profile)# ip access-group default-policy in
Switch(config-fallback-profile)# ip admission rule1
Switch(config-fallback-profile)# exit
Switch(config)# interface gigabit5/9
Switch(config-if)# switchport mode access
Switch(config-if)# authentication port-control auto
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# authentication order dot1x mab webauth
Switch(config-if)# mab eap
Switch(config-if)# authentication fallback fallback1
Switch(config-if)# exit
Switch(config)# ip device tracking
Switch(config)# exit
To determine if a host was authenticated using 802.1X when fallback authentication is configured on the port, enter the
following commands:
Switch# show authentication sessions interface g7/2
Interface: GigabitEthernet7/2
MAC Address: 0060.b057.4687
IP Address: Unknown
User-Name: test2
Status: Authz Success
Domain: DATA
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Policy: N/A
Session timeout: N/A
Idle timeout: N/A
Common Session ID: C0A8013F0000000901BAB560
Acct Session ID: 0x0000000B
Handle: 0xE8000009
Runnable methods list:
Method State
dot1x Authc Success
mab Not run
Switch# show dot1x interfaces g7/2 detail
Step 15
Switch(config-if)# authentication timer restart
seconds
(Optional) Specifies a period after which the
authentication process restarts in an attempt to
authenticate an unauthorized port.
seconds—Specifies the restart period. The range is
from 1 to 65535 seconds.
Step 16
Switch(config-if)# exit
Returns to global configuration mode.
Step 17
Switch(config)# ip device tracking
Enables the IP device tracking table, which is required for
web-based authentication.
Step 18
Switch(config)# exit
Returns to privileged EXEC mode.
Step 19
Switch# show dot1x interface type slot/port
Verifies your entries.
Command Purpose

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals