EasyManuals Logo
Home>Cisco>Switch>WS-C6506

Cisco WS-C6506 User Manual

Cisco WS-C6506
1488 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1000 background imageLoading...
Page #1000 background image
40-6
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 40 Configuring 802.1X Authentication
Understanding How 802.1X Authentication Works
Authentication Server
The frames that are exchanged between the authenticator and the authentication server are dependent on
the authentication mechanism, so they are not defined by 802.1X. You can use other protocols, but we
recommend that you use RADIUS for authentication, particularly when the authentication server is
located remotely, because RADIUS has extensions that support the encapsulation of EAP frames built
into it.
802.1X Parameters Configurable on the Switch
You can configure these 802.1X parameters on the switch:
Specify Force-Authorized, Force-Unauthorized, or Automatic 802.1X port control
Specify single authentication, multiple authentication, and multiple host authentication
Enable or disable system authentication control
Specify the quiet time interval
Specify the authenticator to host retransmission time interval
Specify the back-end authenticator to host retransmission time interval
Specify the back-end authenticator to authentication server retransmission time interval
Specify the number of frames that are retransmitted from the back-end authenticator to the host
Specify the automatic host reauthentication time interval
Specify the port shutdown timeout period after a security violation
Enable or disable automatic host reauthentication
In Flow control only on incoming frames in an unauthorized switch port.
Port Single point of attachment to the LAN infrastructure (for example,
MAC bridge ports).
PAE Port access entity protocol object that is associated with a specific
system port.
PDU Protocol data unit.
RADIUS Remote Access Dial-In User Service.
Supplicant
3
PAE Entity that requests access to the LAN/switch services and responds
to the information requests from the authenticator.
Unauthorized state Status of the port before the supplicant PAE is authorized.
Uncontrolled port Unsecured access point that allows the uncontrolled exchange of
PDUs.
1. PAE = port access entity
2. EAPOL = Extensible Authorization Protocol over LAN
3. 802.1X uses the term supplicant for client or host. This publication uses host instead of supplicant because host is used in the
Catalyst 6500 series CLI syntax.
Table 40-1 802.1X Terminology (continued)
Term Definition

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco WS-C6506 and is the answer not in the manual?

Cisco WS-C6506 Specifications

General IconGeneral
BrandCisco
ModelWS-C6506
CategorySwitch
LanguageEnglish

Related product manuals