13-44
Configuring Port-Based and User-Based Access Control (802.1X)
802.1X Open VLAN Mode
1. Enable 802.1X authentication on the individual ports you want to serve
as authenticators. (The switch automatically disables LACP on the ports
on which you enable 802.1X.) On the ports you will use as authenticators
with VLAN operation, ensure that the port-control parameter is set to
auto (the default). (Refer to “1. Enable 802.1X Authentication on Selected
Ports” on page 13-18.) This setting requires a client to support 802.1X
authentication (with 802.1X supplicant operation) and to provide valid
credentials to get network access.
2. Configure the 802.1X authentication type. Options include:
Syntax: aaa port-access authenticator < port-list > control auto
Activates 802.1X port-access on ports you have config-
ured as authenticators.
Syntax: aaa authentication port-access < local | eap-radius | chap-radius >
Determines the type of RADIUS authentication to use.
local: Use the switch’s local username and password
for supplicant authentication (the default).
eap-radiusUse EAP-RADIUS authentication. (Refer
to the documentation for your RADIUS server.
chap-radiusUse CHAP-RADIUS (MD5)
authentication. (Refer to the documentation for
your RADIUS server software.)
To Next Page
Loading...
Need help?
General