Configuring Security
Configuring 802. 1 X
STEP 4
STEP 1
STEP 2
STEP 3
Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x
Click Apply. The port settings are defined, and the Running Configuration file is
updated.
Defining Host and Session Authentication
The Host and Session Authentication page enables defining the mode in which
802.1X operates on the port and the action to perform if a violation has been
detected.
The 802.1X modes are:
•
Single—Only a single authorized host can access the port.
•
Multiple Host—Multiple hosts can be attached to a single 802.1X enabled
port. Only the first host must be authorized, and then the port is open for all
who want to access the network. If the host authentication fails, or an
EAPOL-logoff message is received, all attached clients are denied access
to the network.
•
Multiple Sessions—Enables the number of specific authorized hosts to
access the port. Each host is treated as if it was the first and only user and
must be authenticated. Filtering is based on the source MAC address.
To define 802.1X advanced settings for ports:
Click Security > 802.1X > Host and Session Authentication.
The authentication parameters are described for all ports. All fields except
Number of Violation are described in the Edit page. The Number of Violation field
displays the number of packets that arrive on the interface in a single-host mode
from a host for which the MAC address is not the supplicant MAC address.
Select a port, and click Edit.
Enter the parameters.
•
Interface—Enter a port number for which host authentication is enabled.
•
Host Authentication—Select one of the modes. These modes are described
above in Defining Host and Session Authentication.
The following fields are only relevant if you select Single in the Host
NOTE
Authentication field.
16
212