44-31
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
OL-25340-01
Chapter 44 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
This example shows how to enable 802.1X and AAA on Fast Ethernet port 2/1, and how to verify the
configuration:
Cisco IOS Release 12.2(50)SG and later
Switch# configure terminal
Switch(config)# dot1x system-auth-control
Switch(config)# aaa new-model
Switch(config)# aaa authentication dot1x default group radius
Switch(config)# interface fastethernet2/1
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# authentication port-control auto
Switch(config-if)# end
Switch# show authentication sessions interface f9/2
Interface: FastEthernet9/2
MAC Address: 0007.e95d.83c4
IP Address: Unknown
Status: Running
Domain: UNKNOWN
Oper host mode: single-host
Oper control dir: both
Session timeout: N/A
Idle timeout: N/A
Common Session ID: 0A050B160000009505106398
Acct Session ID: 0x0000009B
Handle: 0x0D000095
Runnable methods list:
Method State
dot1x Running
mab Not run
Cisco IOS Release 12.2(46)SG or earlier
Switch# configure terminal
Switch(config)# dot1x system-auth-control
Switch(config)# aaa new-model
Switch(config)# aaa authentication dot1x default group radius
Switch(config)# interface fastethernet2/1
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# dot1x port-control auto
Switch(config-if)# end
Switch# show dot1x interface f9/2 details
Dot1x Info for FastEthernet9/2
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = SINGLE_HOST
QuietPeriod = 60
ServerTimeout = 0
SuppTimeout = 30
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
To Next Page
Loading...
