EasyManuals Logo

Cisco Catalyst 4500 Series Configuration Guide

Cisco Catalyst 4500 Series
1610 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1003 background imageLoading...
Page #1003 background image
44-35
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
OL-25340-01
Chapter 44 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
This example shows how to enable 802.1X authentication and to allow multiple hosts:
Cisco IOS Release 12.2(50)SG and later
Switch(config)# interface gigabitethernet2/1
Switch(config-if)# authentication port-control auto
Switch(config-if)# authentication host-mode multi-host
Switch(config-if)# end
Cisco IOS Release 12.2(46)SG or earlier
Switch(config)# interface gigabitethernet2/1
Switch(config-if)# dot1x port-control auto
Switch(config-if)# dot1x host-mode multi-host
Switch(config-if)# end
Step 4
Cisco IOS Release 12.2(50)SG and later
Switch(config-if)# [no]
authentication host-mode
{single-host | multi-host |
multi-domain} | multi-auth}
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# [no] dot1x
host-mode {single-host | multi-host
| multi-domain}
The keywords allow the following:
single-host—Single-host (client) on an IEEE 802.1X-authorized
port.
multi-host—Multiple-hosts on an 802.1X-authorized port after a
authenticating a single host.
multi-domain—Both a host and a voice device (such as an IP phone,
Cisco or non-Cisco), to authenticate on an IEEE 802.1X-authorized
port.
Note You must configure a voice VLAN for an IP phone when the host
mode is set to multi-domain. For more information, see
Chapter 41, “Configuring Voice Interfaces.
multi-auth—Allows multiple hosts and a voice device, such as an IP
phone (Cisco or non-Cisco), to be authenticated on an IEEE
802.1x-authorized port. This keyword requires Cisco IOS Release
12.2(50)SG or a later release.
Ensure that the dot1x port-control interface configuration command is
set to auto for the specified interface.
To disable multiple hosts on the port, use the
no authentication host-mode {multi-host | multi-domain | multi-auth}
interface configuration command (for earlier releases, use the
no dot1x host-mode {multi-host | multi-domain} interface
configuration command).
Step 5
Switch(config-if)# switchport voice
vlan vlan-id
(Optional) Configures the voice VLAN.
Step 6
Switch(config-if)# end
Returns to privileged EXEC mode.
Step 7
Switch# show dot1x interface
interface-id
[detail]
Verifies your entries.
Step 8
Switch# copy running-config
startup-config
(Optional) Saves your entries in the configuration file.
Command Purpose

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Software Configuration Guide
Software Configuration Guide2086 pages
Preview: Message Guide
Message Guide146 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Datasheet
Datasheet11 pages
Preview: Overview
Overview46 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General IconGeneral
SeriesCatalyst 4500 Series
CategorySwitch
Layer SupportLayer 2, Layer 3
Form FactorModular chassis
StackableNo
Chassis Slots3, 6, 7, 10
Power Supply OptionsAC, DC
RedundancyPower supply, Supervisor engine
Network ManagementCisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
FeaturesSecurity, QoS
Port DensityUp to 384 ports per chassis
Security Features802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine8-E

Related product manuals