Configuring 802.1X and Port-Based Security 535
Configuring MAC-Based Authentication Mode
The PowerConnect 7000 Series switches support MAC-based 802.1X
authentication. This feature allows multiple hosts to authenticate on a single
port. The hosts are distinguished by their MAC addresses.
When multiple hosts (for example, a PC, a printer, and a phone in the same
office) are connected to the switch on the same port, each of the connected
hosts authenticates separately with the RADIUS server.
To configure the switch:
1
Enable MAC-based authentication on port 8 and limit the number of
devices that can authenticate on that port to 3.console#configure
console(config)#interface gi1/0/8
console(config-if-Gi1/0/8)#dot1x port-control mac-
based
console(config-if-Gi1/0/8)#dot1x max-users 3
2
Set the port to an 802.1Q VLAN. The port must be in general mode in
order to enable MAC-based 802.1X authentication.
console(config-if-Gi1/0/8)#switchport mode general
console(config-if-Gi1/0/8)#exit
console(config)#exit
3
View 802.1X information about Port 8.
console#show dot1x interface gi1/0/8
Administrative Mode............... Enabled
Dynamic VLAN Creation Mode........ Disabled
Monitor Mode...................... Disabled
Port Admin Oper Reauth Reauth
Mode Mode Control Period
------- ---------------- ------------ -------- ----------
Gi1/0/8 mac-based Authorized FALSE 3600
Quiet Period................................... 60
Transmit Period................................ 30
Maximum Requests............................... 2
Max Users...................................... 3
VLAN Assigned.................................. 1 (Default)
Supplicant Timeout............................. 30
To Next Page
Loading...
Need help?
General