9-19
Catalyst 2960 Switch Software Configuration Guide
OL-8603-04
Chapter 9 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
• Changing the Quiet Period, page 9-26 (optional)
• Changing the Switch-to-Client Retransmission Time, page 9-27 (optional)
• Setting the Switch-to-Client Frame-Retransmission Number, page 9-28 (optional)
• Setting the Re-Authentication Number, page 9-28 (optional)
• Configuring IEEE 802.1x Accounting, page 9-29 (optional)
• Configuring a Guest VLAN, page 9-30 (optional)
• Configuring a Restricted VLAN, page 9-31 (optional)
• Configuring the Inaccessible Authentication Bypass Feature, page 9-33 (optional)
• Configuring IEEE 802.1x Authentication with WoL, page 9-35 (optional)
• Configuring MAC Authentication Bypass, page 9-36 (optional)
• Configuring NAC Layer 2 IEEE 802.1x Validation, page 9-37 (optional)
• Configuring Web Authentication, page 9-38 (optional)
• Disabling IEEE 802.1x Authentication on the Port, page 9-40 (optional)
• Resetting the IEEE 802.1x Authentication Configuration to the Default Values, page 9-41 (optional)
Default IEEE 802.1x Authentication Configuration
Table 9-2 shows the default IEEE 802.1x authentication configuration.
Table 9-2 Default IEEE 802.1x Authentication Configuration
Feature Default Setting
Switch IEEE 802.1x enable state Disabled.
Per-port IEEE 802.1x enable state Disabled (force-authorized).
The port sends and receives normal traffic without IEEE 802.1x-based
authentication of the client.
AAA Disabled.
RADIUS server
• IP address
• UDP authentication port
• Key
• None specified.
• 1812.
• None specified.
Host mode Single-host mode.
Control direction Bidirectional control.
Periodic re-authentication Disabled.
Number of seconds between
re-authentication attempts
3600 seconds.
Re-authentication number 2 times (number of times that the switch restarts the authentication process
before the port changes to the unauthorized state).
Quiet period 60 seconds (number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client).