Security
Configuring 802.1X
Cisco 500 Series Stackable Managed Switch Administration Guide Release 1.3 398
20
• Port-Based Authentication—Enable or disable port-based, 802.1X
authentication.
• Authentication Method—Select the user authentication methods. The
options are:
- RADIUS, None—Perform port authentication first by using the RADIUS
server. If no response is received from RADIUS (for example, if the server
is down), then no authentication is performed, and the session is
permitted
. If the server is available but the user credentials are incorrect,
access is denied and the session terminated.
- RADIUS—Authenticate the user on the RADIUS server. If no
authentication is performed, the session is not permitted.
- None—Do not authenticate the user. Permit the session.
• Guest VLAN—Select to enable the use of a Guest VLAN for unauthorized
ports. If a Guest VLAN is enabled, all unauthorized ports automatically join
the VLAN selected in the Guest VLAN ID field. If a port is later authorized, it
is removed from the Guest VLAN.
• Guest VLAN ID—Select the guest VLAN from the list of VLANs.
• Guest VLAN Timeout—Define a time period:
- After linkup, if the software does not detect the 802.1X supplicant, or the
authentication has failed, the port is added to the Guest VLAN, only after
the Guest VLAN timeout period has expired.
- If the port state changes from Authorized to Not Authorized, the port is
added to the Guest VLAN only after the Guest VLAN timeout has expired.
The VLAN Authentication Table displays all VLANs, and indicates whether
authentication has been enabled on them.
STEP 3 Click Apply. The 802.1X properties are written to the Running Configuration file.
To Next Page
Loading...
