EasyManuals Logo

Cisco Catalyst 4500 Series Administration Guide

Cisco Catalyst 4500 Series
1814 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1211 background imageLoading...
Page #1211 background image
46-73
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL_28731-01
Chapter 46 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
This example shows how to enable a regular VLAN 40 on Fast Ethernet 4/3 as a authentication-failed
VLAN on a static access port:
Cisco IOS Release 12.2(50)SG and later
Switch# configure terminal
Switch(config)# interface gigabitEthernet3/1
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# authentication port-control auto
Switch(config-if)# authentication event fail retry 5 action authorize vlan 40
Switch(config-if)# end
Switch# show dot1x all
Sysauthcontrol Enabled
Dot1x Protocol Version 2
Dot1x Info for GigabitEthernet3/1
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = SINGLE_HOST
QuietPeriod = 60
ServerTimeout = 0
SuppTimeout = 30
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
Switch#
Step 5
Cisco IOS Release 12.2(50)SG and later
Switch(config-if)# authentication
event fail action authorize vlan
vlan-id
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# dot1x auth-fail
vlan vlan-id
Enables authentication-failed VLAN on a particular interface.
To disable the authentication-failed VLAN feature on a particular port,
use the no authentication event fail action authorize vlan interface
configuration command.
Step 6
Cisco IOS Release 12.2(50)SG and later
Switch(config-if)# authentication
event fail retry max-attempts
action [authorize vlan vlan-id |
next-method]
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# dot1x auth-fail
max-attempts max-attempts
Configure a maximum number of attempts before the port is moved to
authentication-failed VLAN.
Default is 3 attempts.
Step 7
Switch(config-if)# end
Returns to configuration mode.
Step 8
Switch(config)# end
Returns to privileged EXEC mode.
Step 9
Switch# show dot1x interface
interface-id details
(Optional) Verifies your entries.
Step 10
Switch# copy running-config
startup-config
(Optional) Saves your entries in the configuration file.
Command Purpose

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Software Configuration Guide
Software Configuration Guide2086 pages
Preview: Message Guide
Message Guide146 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Datasheet
Datasheet11 pages
Preview: Overview
Overview46 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General IconGeneral
SeriesCatalyst 4500 Series
CategorySwitch
Layer SupportLayer 2, Layer 3
Form FactorModular chassis
StackableNo
Chassis Slots3, 6, 7, 10
Power Supply OptionsAC, DC
RedundancyPower supply, Supervisor engine
Network ManagementCisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
FeaturesSecurity, QoS
Port DensityUp to 384 ports per chassis
Security Features802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine8-E

Related product manuals