46-29
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL_28731-01
Chapter 46 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
Figure 46-9 Wireless LAN Example
Configuring 802.1X Port-Based Authentication
To configure 802.1X, follow this procedure:
Step 1 Enable 802.1X authentication. See the “Enabling 802.1X Authentication” section on page 46-31.
Step 2 Configure switch to RADIUS server communication. See the “Configuring Switch-to-RADIUS-Server
Communication” section on page 46-35.
Step 3 Adjust the 802.1X timer values. See the “Changing the Quiet Period” section on page 46-86.
Step 4 Configure optional features. See the “Configuring RADIUS-Provided Session Timeouts” section on
page 46-55.
These sections describe how to configure 802.1X:
• Default 802.1X Configuration, page 46-30
• 802.1X Configuration Guidelines, page 46-31
• Enabling 802.1X Authentication, page 46-31 (required)
• Configuring Switch-to-RADIUS-Server Communication, page 46-35 (required)
• Configuring Multiple Domain Authentication and Multiple Authorization, page 46-36
• Configuring 802.1X Authentication with ACL Assignments and Redirect URLs, page 46-40
• Configuring 802.1X Authentication with Per-User ACL and Filter-ID ACL, page 46-47
• Configuring RADIUS-Provided Session Timeouts, page 46-55 (optional)
• Configuring MAC Move, page 46-57 (optional)
• Configuring MAC Replace, page 46-57 (optional)
• Configuring Violation Action, page 46-58 (optional)
• Configuring 802.1X with Guest VLANs, page 46-59 (optional)
• Configuring 802.1X with MAC Authentication Bypass, page 46-62 (optional)
• Configuring 802.1X with Inaccessible Authentication Bypass, page 46-64 (optional)
• Configuring 802.1X with Unidirectional Controlled Port, page 46-68 (optional)
• Configuring 802.1X with VLAN User Distribution, page 46-70
Wireless
clients
Wireless
access point
Catalyst 4500 Network
Access Switch
RADIUS
94160
Authenticator Authentication server
Supplicants
To Next Page
Loading...
