234
Configuring IEEE 802.1x Port-Based Authentication
Monitoring and Maintaining IEEE 802.1x Port-Based Authentication
Monitoring and Maintaining IEEE 802.1x Port-Based
Authentication
Configuration Examples for Configuring IEEE 802.1x
Port-Based Authentication
Enabling a Readiness Check: Example
This example shows how to enable a readiness check on a switch to query a port. It also shows the response received
from the queried port verifying that the device connected to it is 802.1x-capable:
switch# dot1x test eapol-capable interface GigabitEthernet1/18
DOT1X_PORT_EAPOL_CAPABLE:DOT1X: MAC 00-01-02-4b-f1-a3 on GigabitEthernet1/18 is EAPOL capable
Enabling 802.1x Authentication: Example
This example shows how to enable 802.1x authentication and to allow multiple hosts:
Switch(config)# interface GigabitEthernet1/18
Switch(config-if)# authentication port-control auto
Switch(config-if)# authentication host-mode multi-host
Switch(config-if)# end
Enabling MDA: Example
This example shows how to enable MDA and to allow both a host and a voice device on the port:
Switch(config)# interface GigabitEthernet1/18
Switch(config-if)# authentication port-control auto
Switch(config-if)# authentication host-mode multi-domain
Switch(config-if)# switchport voice vlan 101
Switch(config-if)# end
Disabling the VLAN Upon Switch Violoation: Example
This example shows how to configure the switch to shut down any VLAN on which a security violation error occurs:
Switch(config)# errdisable detect cause security-violation shutdown vlan
This example shows how to reenable all VLANs that were error-disabled:
Switch# clear errdisable interface GigabitEthernet1/18 vlan
Command Purpose
show dot1x all statistics Displays 802.1x statistics for all ports.
show dot1x statistics interface interface-id Displays 802.1x statistics for a specific port.
show dot1x all [details | statistics | summary] Displays the 802.1x administrative and operational status
for the switch.
show dot1x interface interface-id Displays the 802.1x administrative and operational status
for a specific port.
To Next Page
Loading...
Need help?
General