Cisco Catalyst 4500 Series - Enabling Periodic Reauthentication

To Next Page

To Previous Page

49-81

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex

Chapter 49 Configuring 802.1X Port-Based Authentication

Configuring 802.1X Port-Based Authentication

To determine if a host was authenticated using web authentication when fallback authentication is configured on the port, enter

the following commands:

Switch# show authentication sessions interface G4/3

Interface: GigabitEthernet4/3

MAC Address: 0015.e981.0531

IP Address: 10.5.63.13

Status: Authz Success

Domain: DATA

Oper host mode: single-host

Oper control dir: both

Authorized By: Authentication Server

Vlan Policy: N/A

Session timeout: N/A

Idle timeout: N/A

Common Session ID: 0A053F0F0000000200112FFC

Acct Session ID: 0x00000003

Handle: 0x09000002

Runnable methods list:

Method State

dot1x Failed over

mab Failed over

webauth Authc Success

Switch# show ip admission cache

Authentication Proxy Cache

Total Sessions: 1 Init Sessions: 0

Client IP 10.5.63.13 Port 4643, timeout 1000, state ESTAB

Cisco IOS Release 12.2(46)SG or earlier

Switch(config)# ip admission name rule1 proxy http

Switch(config)# fallback profile fallback1

Switch(config-fallback-profile)# ip access-group default-policy in

Switch(config-fallback-profile)# ip admission rule1

Switch(config-fallback-profile)# exit

Switch(config)# interface gigabit5/9

Switch(config-if)# switchport mode access

Switch(config-if)# dot1x port-control auto

Switch(config-if)# dot1x pae authenticator

Switch(config-if)# authentication order dot1x mab webauth

Switch(config-if)# dot1x mac-auth-bypass eap

Switch(config-if)# adot1x fallback fallback1

Switch(config-if)# exit

Switch(config)# ip device tracking

Switch(config)# exit

Enabling Periodic Reauthentication

You can enable periodic 802.1X client reauthentication and specify how often it occurs. If you do not specify a time value

before enabling reauthentication, the interval between reauthentication attempts is 3600 seconds.

Automatic 802.1X client reauthentication is a per-interface setting and can be set for clients connected to individual ports. To

manually reauthenticate the client connected to a specific port, see the “Changing the Quiet Period” section on page 49-84.

Main Page

Cisco Catalyst 4500 Series - Enabling Periodic Reauthentication

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Related product manuals