40-14
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 40 Configuring 802.1X Authentication
Configuring 802.1X Authentication on the Switch
•
Configuring an 802.1X Unidirectional Controlled Port, page 40-25
•
Configuring 802.1X with ACL Assignments, page 40-26
•
Configuring 802.1X User Distribution, page 40-32
•
Enabling and Disabling 802.1X RADIUS Accounting and Tracking, page 40-34
•
Enabling and Disabling RADIUS Keepalive, page 40-36
•
Configuring the Authenticated Identity-to-Port Description Mappings, page 40-37
•
Configuring the DNS Resolution for a RADIUS Server Configuration, page 40-37
•
Configuring the Authentication Failure VLAN, page 40-38
•
Configuring a RADIUS Server Failover, page 40-40
•
Configuring 802.1X Authentication with Private VLANs, page 40-41
•
Using the show Commands, page 40-47
Enabling 802.1X Authentication Globally
You must enable 802.1X authentication for the entire system before you can configure it for the
individual ports. After you globally enable 802.1X authentication, you can configure the individual ports
for 802.1X authentication if the port meets the specific requirements that are required by 802.1X. To
enable 802.1X authentication for the individual ports, see the
“Enabling 802.1X Authentication for
Individual Ports” section on page 40-15
.
To enable 802.1X authentication globally, perform this task in privileged mode:
This example shows how to enable 802.1X authentication globally:
Console> (enable)
set dot1x system-auth-control enable
dot1x system-auth-control enabled.
Disabling 802.1X Authentication Globally
When 802.1X authentication is enabled for the entire system, you can disable it globally. When 802.1X
authentication is disabled globally, it is no longer available at any port (even ports that were previously
configured for it).
To disable 802.1X authentication globally, perform this task in privileged mode:
This example shows how to disable 802.1X authentication globally:
Console> (enable)
set dot1x system-auth-control disable
dot1x system-auth-control disabled.
Task
Command
Globally enable 802.1X authentication.
set dot1x system-auth-control enable
Task
Command
Globally disable 802.1X authentication.
set dot1x system-auth-control disable