49-64
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 49 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
Step 8
[Catalyst 4900M, Catalyst 4948E, Catalyst
4948E-F, Supervisor Engine 6-E, and
Supervisor Engine 6L-E]
Cisco IOS Release 12.2(50)SG and later
[Supervisor Engine 7-E, Supervisor Engine
7L-E, Supervisor Engine 8-E)]
Cisco IOS Release 15.0(1)XO and later
Switch(config-if)#
authentication
event server dead action authorize
[
vlan
vlan-id
]
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)#
dot1x critical
or
[Catalyst 4900M, Catalyst 4948E, Catalyst
4948E-F, Supervisor Engine 6-E, and
Supervisor Engine 6L-E]
Cisco IOS Release 15.0(2)SG and later
[Supervisor Engine 7-E, Supervisor Engine
7L-E, Supervisor Engine 8-E)]
Cisco IOS Release XE 3.2.0SG and later
Switch(config-if)#
[
no
]
authentication event server dead
action reinitialize
[
vlan
vlan-id
]
Enables the Inaccessible Authentication Bypass feature for data clients
on the port and specifies a VLAN into which data clients are assigned. If
no VLAN is specified, data clients are assigned into the configured data
VLAN on the port.
To disable the feature, use the
no authentication event server dead action authorize vlan
interface
configuration command (for earlier releases, use the
no dot1x critical
interface configuration command).
Alternatively, starting with Cisco IOS Release 15.0(2)SG you can enable
Inaccessible Authentication Bypass for data clients using the
authentication event server dead action reinitialize vlan
interface
configuration command which forces all authorized data clients to be
reauthenticated when RADIUS becomes unavailable and a client attempts
to authenticate. This only applies to data devices. Voice devices are
unaffected.
To disable it, use the
no authentication event server dead action
reinitialize vlan
interface configuration command.
Step 9
[Catalyst 4900M, Catalyst 4948E, Catalyst
4948E-F, Supervisor Engine 6-E, and
Supervisor Engine 6L-E]
Cisco IOS Release 15.0(2)SG and later
[Supervisor Engine 7-E, Supervisor Engine
7L-E, Supervisor Engine 8-E)]
Cisco IOS Release XE 3.2.0SG and later
Switch(config-if)#
authentication
event server dead action authorize
voice
(Optional) Enables Inaccessible Authentication Bypass for voice clients
on the port. This command applies to Multiple Domain Authentication
and Multiple Authentication modes.
To disable the feature, use the
no authentication event server dead
action authorize voice
interface configuration command.
Step 10
[Catalyst 4900M, Catalyst 4948E, Catalyst
4948E-F, Supervisor Engine 6-E, and
Supervisor Engine 6L-E]
Cisco IOS Release 12.2(50)SG and later
[Supervisor Engine 7-E, Supervisor Engine
7L-E, Supervisor Engine 8-E)]
Cisco IOS Release 15.0(1)XO and later
Switch(config-if)#
authentication
event server alive action
reinitialize
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)#
dot1x critical
recovery action reinitialize
(Optional) Specifies that the port should be reinitialized if it is critically
authorized and RADIUS becomes available.
The default is not to reinitialize the port.
Step 11
Switch(config)#
end
Returns to privileged EXEC mode.
Step 12
Switch#
show dot1x interface
interface-id
details
(Optional) Verifies your entries.
Step 13
Switch#
copy running-config
startup-config
(Optional) Saves your entries in the configuration file.
Command
Purpose
Содержание Catalyst 4500 Series
Страница 2: ......
Страница 4: ......
Страница 2086: ...Index IN 46 Software Configuration Guide Release IOS XE 3 9 0E and IOS 15 2 5 E ...