EasyManua.ls Logo

Cisco Catalyst 4500 Series - Page 1037

Cisco Catalyst 4500 Series
1610 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
44-69
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
OL-25340-01
Chapter 44 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
This example shows how to enable a regular VLAN 40 on Fast Ethernet 4/3 as a authentication-failed
VLAN on a static access port:
Cisco IOS Release 12.2(50)SG and later
Switch# configure terminal
Switch(config)# interface gigabitEthernet3/1
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# authentication port-control auto
Switch(config-if)# authentication event fail retry 5 action authorize vlan 40
Switch(config-if)# end
Switch# show dot1x all
Sysauthcontrol Enabled
Dot1x Protocol Version 2
Dot1x Info for GigabitEthernet3/1
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = SINGLE_HOST
QuietPeriod = 60
ServerTimeout = 0
SuppTimeout = 30
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
Switch#
Step 5
Cisco IOS Release 12.2(50)SG and later
Switch(config-if)# authentication
event fail action authorize vlan
vlan-id
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# dot1x auth-fail
vlan vlan-id
Enables authentication-failed VLAN on a particular interface.
To disable the authentication-failed VLAN feature on a particular port,
use the no authentication event fail action authorize vlan interface
configuration command.
Step 6
Cisco IOS Release 12.2(50)SG and later
Switch(config-if)# authentication
event fail retry max-attempts
action [authorize vlan vlan-id |
next-method]
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# dot1x auth-fail
max-attempts max-attempts
Configure a maximum number of attempts before the port is moved to
authentication-failed VLAN.
Default is 3 attempts.
Step 7
Switch(config-if)# end
Returns to configuration mode.
Step 8
Switch(config)# end
Returns to privileged EXEC mode.
Step 9
Switch# show dot1x interface
interface-id details
(Optional) Verifies your entries.
Step 10
Switch# copy running-config
startup-config
(Optional) Saves your entries in the configuration file.
Command Purpose

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Software Configuration Guide
Software Configuration Guide2086 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals