EasyManuals Logo

Cisco Catalyst 4500 Series Software Configuration Guide

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1363 background imageLoading...
Page #1363 background image
49-83
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 49 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
Cisco IOS Release 12.2(46)SG or earlier
Switch# configure terminal
Switch(config)# interface fastethernet5/9
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x timeout reauth-period 4000
Switch(config-if)# dot1x port-control auto
Switch(config-if)# end
Switch#
Enabling Multiple Hosts
You can attach multiple hosts (clients) to a single 802.1X-enabled port as shown in Figure 49-9 on page 49-26. In this mode,
when the port is authorized, all other hosts that are indirectly attached to the port are granted access to the network. If the port
becomes unauthorized (reauthentication fails or an EAPOL-logoff message is received), the switch denies access to the network
for all wireless access point-attached clients.
To allow multiple hosts (clients) on an 802.1X-authorized port that has the dot1x port-control interface configuration
command set to auto, perform this task:
Command Purpose
Step 1
Switch# configure terminal
Enters global configuration mode.
Step 2
Switch(config)# interface
interface-id
Enters interface configuration mode and specifies the interface to which
multiple hosts are indirectly attached.
Step 3
Switch(config-if)# switchport mode
access
Specifies a nontrunking, nontagged single VLAN Layer 2 interface.
Step 4
Switch(config-if)# dot1x pae
authenticator
Enables 802.1X authentication on the port with default parameters.
Refer to the “Default 802.1X Configuration” section on page 49-27.
Step 5
Cisco IOS Release 12.2(50)SG and later
Switch(config-if)# authentication
host-mode multi-host
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# dot1x host-mode
multi-host
Allows multiple hosts (clients) on an 802.1X-authorized port.
Note Ensure that the dot1x port-control interface configuration
command set is set to auto for the specified interface.
To disable multiple hosts on the port, use the
no authentication host-mode multi-host interface configuration
command (for earlier releases, use the no dot1x host-mode multi-host
interface configuration command).
Step 6
Cisco IOS Release 12.2(50)SG and later
Switch(config-if)# authentication
port-control auto
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# dot1x
port-control auto
Enables 802.1X authentication on the interface.
Step 7
Switch(config-if)# end
Returns to privileged EXEC mode.
Step 8
Switch# show dot1x all interface
interface-id
Verifies your entries.
Step 9
Switch# copy running-config
startup-config
(Optional) Saves your entries in the configuration file.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General IconGeneral
SeriesCatalyst 4500 Series
CategorySwitch
Layer SupportLayer 2, Layer 3
Form FactorModular chassis
StackableNo
Chassis Slots3, 6, 7, 10
Power Supply OptionsAC, DC
RedundancyPower supply, Supervisor engine
Network ManagementCisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
FeaturesSecurity, QoS
Port DensityUp to 384 ports per chassis
Security Features802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine8-E

Related product manuals