EasyManuals Logo

Cisco Catalyst 4500 Series Administration Guide

Cisco Catalyst 4500 Series
1814 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1140 background imageLoading...
Page #1140 background image
46-2
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL_28731-01
Chapter 46 Configuring 802.1X Port-Based Authentication
About 802.1X Port-Based Authentication
Note 802.1X support requires an authentication server that is configured for Remote Authentication Dial-In
User Service (RADIUS). 802.1X authentication does not work unless the network access switch can
route packets to the configured RADIUS server. To verify that the switch can route packets, you must
ping the server from the switch.
Until a client is authenticated, only Extensible Authentication Protocol over LAN (EAPOL) traffic is
allowed using the port to which the client is connected. After authentication succeeds, normal traffic can
pass using the port.
To configure 802.1X port-based authentication, you need to understand the concepts in these sections:
• Device Roles, page 46-3
• 802.1X and Network Access Control, page 46-3
• Authentication Initiation and Message Exchange, page 46-4
• Ports in Authorized and Unauthorized States, page 46-5
• 802.1X Host Mode, page 46-7
• 802.1X Violation Mode, page 46-9
• Using MAC Move, page 46-10
• Using MAC Replace, page 46-10
• Using 802.1X with VLAN Assignment, page 46-11
• Using 802.1X for Guest VLANs, page 46-12
• Using 802.1X with MAC Authentication Bypass, page 46-13
• Using 802.1X with Web-Based Authentication, page 46-15
• Using 802.1X with Inaccessible Authentication Bypass, page 46-15
• Using 802.1X with Unidirectional Controlled Port, page 46-16
• Using 802.1X with VLAN User Distribution, page 46-17
• Using 802.1X with Authentication Failed VLAN Assignment, page 46-18
• Using 802.1X with Port Security, page 46-20
• Using 802.1X Authentication with ACL Assignments and Redirect URLs, page 46-21
• Using 802.1X with RADIUS-Provided Session Timeouts, page 46-22
• Using 802.1X with Voice VLAN Ports, page 46-23
• Using Voice Aware 802.1x Security, page 46-23
• Using Multiple Domain Authentication and Multiple Authentication, page 46-24
• Multi-Authentication Per User VLAN Authentication, page 46-25
• 802.1X Supplicant and Authenticator Switches with Network Edge Access Topology, page 46-26
• How 802.1X Fails on a Port, page 46-27
• Supported Topologies, page 46-28

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Software Configuration Guide
Software Configuration Guide2086 pages
Preview: Message Guide
Message Guide146 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Datasheet
Datasheet11 pages
Preview: Overview
Overview46 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General IconGeneral
SeriesCatalyst 4500 Series
CategorySwitch
Layer SupportLayer 2, Layer 3
Form FactorModular chassis
StackableNo
Chassis Slots3, 6, 7, 10
Power Supply OptionsAC, DC
RedundancyPower supply, Supervisor engine
Network ManagementCisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
FeaturesSecurity, QoS
Port DensityUp to 384 ports per chassis
Security Features802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine8-E

Related product manuals