Security: 802.1X Authentication
Port Authentication
366
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
18
Port Authentication
The Port Authentication page enables configuration of parameters for each port. Since some of
the configuration changes are only possible while the port is in Force Authorized state, such as
host authentication, it is recommended that you change the port control to Force Authorized
before making changes. When the configuration is complete, return the port control to its
previous state.
NOTE
A port with 802.1x defined on it cannot become a member of a LAG.
802.1x and Port Security cannot be enabled on same port at same time. If you enable port
security on an interface, the Administrative Port Control cannot be changed to Auto mode.
To define 802.1X authentication:
STEP 1
Click
Security > 802.1X Authentication
>
Port Authentication
.
This page displays authentication settings for all ports. In addition to the fields described on
the
Add
page, the following fields are displayed for each port:
•
Supplicant Status
—Either Authorized or Unauthorized for an interface on which
802.1x supplicant has been enabled.
•
Credentials
—Name of the credential structure used for the supplicant interface, so the
possible value is any name or N/A if the supplicant is not enabled. If a port has a
configured supplicant credential name, the value for the port control parameters is
Supplicant. This value overrides any other port control information received from the
port.
STEP 2
Select a port (excluding the OOB port), and click
Edit.
STEP 3
Enter the parameters.
•
Interface
—Select a port (excluding the OOB port).
•
Current Port Control
—Displays the current port authorization state. If the state is
Authorized
, the port is either authenticated or the
Administrative Port Control
is
Force
Authorized
. Conversely, if the state is
Unauthorized
, then the port is either not
authenticated or the
Administrative Port Control
is
Force Unauthorized
. If supplicant is
enabled on an interface, the current port control will be Supplicant.
•
Administrative Port Control
—Select the Administrative Port Authorization state.
The options are:
-
Force Unauthorized
—Denies the interface access by moving the interface into the
unauthorized state. The device does not provide authentication services to the client
through the interface.