Configuring Security
Configuring 802.1X
Cisco Small Business 200 1.1 Series Smart Switch Administration Guide
250
17
STEP 4
Click
Apply
. The port settings are defined, and the Running Configuration file is
updated.
Defining Host and Session Authentication
The
Host and Session Authentication
page enables defining the mode in which
802.1X operates on the port and the action to perform if a violation has been
detected.
The 802.1X modes are:
•
Single—Only a single authorized host can access the port. (Port Security
cannot be enabled on a port in single-host mode.)
•
Multiple Host (802.1X)—Multiple hosts can be attached to a single 802.1X-
enabled port. Only the first host must be authorized, and then the port is
open for all who want to access the network. If the host authentication fails,
or an EAPOL-logoff message is received, all attached clients are denied
access to the network.
•
Multiple Sessions—Enables the number of specific authorized hosts to
access the port. Each host is treated as if it were the first and only user and
must be authenticated. Filtering is based on the source MAC address.
To define 802.1X advanced settings for ports:
STEP 1
Click
Security
>
802.1X
>
Host and Session Authentication
. The
Host and
Session Authentication
page
displays.
802.1X authentication parameters are described for all ports. All fields except the
following are described in the
Edit Host and Session Authentication
page.
•
Status
—Displays the host status. An asterisk indicates that the port is either
not linked or is down. The options are:
-
Unauthorized
—Either the port control is
Force Unauthorized
and the
port link is down, or the port control is
Auto
but a client has not been
authenticated via the port.
-
Force-Authorized
—Clients have full port access.
-
Single-host Lock
—Port control is
Auto
and only a single client has been
authenticated by using the port.