31-12
Catalyst 4500 Series, Catalyst 2948G, Catalyst 2948G-GE-TX, and Catalyst 2980G Switches Software Configuration Guide—Release 8.2GLX
78-15908-01
Chapter 31 Configuring 802.1x Authentication
Configuring 802.1x Authentication on the Switch
To enable multiple 802.1x authentications, perform this task in privileged mode:
This example shows how to enable multiple 802.1x authentication on port 1 in module 3 and verify the
configuration:
Console> (enable) set port dot1x 3/1 multiple-authentication enable
Enable PortSecurity before enabling multiple-authentication
Console> (enable) set port security 3/1 enable
Port 3/1 security enabled.
Trunking disabled for Port 3/1 due to Security Mode.
Console> (enable) set port dot1x 3/1 multiple-authentication enable
Dot1x multiple-authentication mode enabled
Console> (enable) show port dot1x 3/1
Port Auth-State BEnd-State Port-Control Port-Status
----- ------------------- ---------- ------------------- -------------
3/1 - - force-authorized -
Port Port-Mode Re-authentication
----- ------------- -----------------
3/1 MultiAuth disabled
Console> (enable)
Setting and Enabling Automatic Reauthentication of the Host
You can specify how often 802.1x authentication reauthenticates the host if you do so before you enable
automatic 802.1x host reauthentication. If you do not specify a time period before you enable host
reauthentication, 802.1x defaults to 3600 seconds (the valid values are from 1–65,535 seconds).
You can enable automatic 802.1x host reauthentication for hosts that are connected to a specific port. To
manually reauthenticate the host that is connected to a specific port, see the “Manually Reauthenticating
the Host” section on page 31-13.
To set how often 802.1x authentication reauthenticates the host and enable automatic 802.1x
reauthentication, perform this task in privileged mode:
This example shows how to set automatic reauthentication to 7200 seconds, enable 802.1x
reauthentication, and verify the configuration:
Console> (enable) set dot1x re-authperiod 7200
dot1x re-authperiod set to 7200 seconds
Console> (enable) set port dot1x 4/1 re-authentication enable
Port 4/1 re-authentication enabled.
Task Command
Step 1
Enable multiple 802.1x authentication on a
specific port.
set port dot1x mod/port
multiple-authentication {enable | disable}
Step 2
Verify the 802.1x configuration. show port dot1x mod/port
Task Command
Step 1
Set the time constant for reauthenticating the
host.
set dot1x re-authperiod seconds
Step 2
Enable reauthentication. set port dot1x mod/port re-authentication enable
Step 3
Verify the 802.1x configuration. show port dot1x mod/port
To Next Page
Loading...
