EasyManua.ls Logo

Cisco IE-3000-8TC

Cisco IE-3000-8TC
874 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
12-58
Cisco IE 3000 Switch Software Configuration Guide
OL-13018-03
Chapter 12 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
This example shows how to configure 802.1x authentication with web authentication as a fallback
method.
Switch(config) configure terminal
Switch(config)# ip admission name rule1 proxy http
Switch(config)# fallback profile fallback1
Switch(config-fallback-profile)# ip access-group default-policy in
Switch(config-fallback-profile)# ip admission rule1
Switch(config-fallback-profile)# exit
Switch(config)# interface gigabitethernet1/2
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x port-control auto
Switch(config-if)# dot1x fallback fallback1
Switch(config-if)# end
For more information about the authentication fallback and dot1x fallback commands, see the
command reference for this release. For more information about the ip admission name and ip
access-group commands, see the
Network Admission Control Software Configuration Guide on
Cisco.com.
Disabling 802.1x Authentication on the Port
You can disable 802.1x authentication on the port by using the no dot1x pae interface configuration
command.
Beginning in privileged EXEC mode, follow these steps to disable 802.1x authentication on the port.
This procedure is optional.
Step 9
authentication port-control auto
or
dot1x port-control auto
Enable 802.1x authentication on the interface.
Step 10
authentication fallback fallback-profile
or
dot1x fallback fallback-profile
Configure the port to authenticate a client by using web
authentication when no 802.1x supplicant is detected on the port.
Any change to the fallback-profile global configuration takes effect
the next time 802.1x fallback is invoked on the interface.
Note Web authorization cannot be used as a fallback method
for
802.1x if the port is configured for multidomain
authentication.
Step 11
exit Return to privileged EXEC mode.
Step 12
show authentication interface interface-id
or
show dot1x interface interface-id
Verify your configuration.
Step 13
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface interface-id Specify the port to be configured, and enter interface configuration mode.

Table of Contents

Other manuals for Cisco IE-3000-8TC

Preview: Administration Guide
Administration Guide496 pages
Preview: Command Reference
Command Reference802 pages
Preview: Message Guide
Message Guide98 pages
Preview: Getting Started Guide
Getting Started Guide32 pages

Related product manuals