User Authentication
6-20
6
Configuring 802.1X Global Settings
The 802.1X protocol provides port authentication. The 802.1X protocol must be
enabled globally for the switch system before port settings are active.
Command Attributes
802.1X System Authentication Control
– Sets the global setting for 802.1X.
(Default: Disabled)
Web
– Select Security, 802.1X, Configuration. Enable 802.1X globally for the switch,
and click Apply.
Figure 6-10 802.1X Global Configuration
CLI
– This example enables 802.1X globally for the switch.
Configuring Port Settings for 802.1X
When 802.1X is enabled, you need to configure the parameters for the
authentication process that runs between the client and the switch (i.e.,
authenticator), as well as the client identity lookup process that runs between the
switch and authentication server. These parameters are described in this section.
Command Attributes
•
Status
– Indicates if authentication is enabled or disabled on the port.
(Default: Disabled)
•
Operation Mode
– Allows single or multiple hosts (clients) to connect to an
802.1X-authorized port. (Range: Single-Host, Multi-Host, MAC-Based; Default:
Single-Host)
- In Single-Host mode, only one host connected to a port can be authenticated for
network access.
- In Multi-Host mode, only one host connected to a port needs to pass
authentication for all other hosts to be granted network access. Similarly, a port
can become unauthorized for all hosts if one attached host fails re-authentication
or sends an EAPOL logoff message. The number of hosts allowed access to a
port operating in this mode is determined by the Max Count attribute described
below.
- In MAC-Based mode, each host connected to a port needs to pass
authentication. The number of hosts allowed access to a port operating in this
mode is limited only by the available space in the secure address table (i.e., up
to 1024 addresses).
Console(config)#dot1x system-auth-control
25-27
Console(config)#
Summary of Contents for ES4626F
Page 2: ......
Page 4: ...ES4626F ES4650F F1 1 0 2 E062009 R01 ST 149100000013A...
Page 6: ...ii...
Page 34: ...Getting Started...
Page 44: ...Introduction 1 10 1...
Page 62: ...Initial Configuration 2 18 2...
Page 64: ...Switch Management...
Page 76: ...Configuring the Switch 3 12 3...
Page 118: ...Basic Management Tasks 4 42 4...
Page 164: ...User Authentication 6 28 6...
Page 176: ...Access Control Lists 7 12 7...
Page 284: ...Quality of Service 14 8 14...
Page 294: ...Multicast Filtering 15 10 15...
Page 300: ...Domain Name Service 16 6 16...
Page 310: ...Dynamic Host Configuration Protocol 17 10 17...
Page 320: ...Configuring Router Redundancy 18 10 18...
Page 344: ...IP Routing 19 24 19...
Page 356: ...Unicast Routing 20 12 20 Web Click Routing Protocol RIP Statistics Figure 20 5 RIP Statistics...
Page 386: ...Unicast Routing 20 42 20...
Page 388: ...Command Line Interface...
Page 400: ...Overview of the Command Line Interface 21 12 21...
Page 466: ...SNMP Commands 24 16 24...
Page 520: ...Access Control List Commands 26 18 26...
Page 546: ...Rate Limit Commands 30 2 30...
Page 612: ...VLAN Commands 34 24 34...
Page 626: ...Class of Service Commands 35 14 35...
Page 670: ...DHCP Commands 39 16 39...
Page 716: ...IP Interface Commands 41 36 41...
Page 768: ...IP Routing Commands 42 52 42...
Page 770: ...Appendices...
Page 791: ......
Page 792: ...ES4626F ES4650F E062009 R01 ST 149100000013A...