Table of Contents
Advertisement
Configuring IEEE 802.1x Authentication
Command
Step 5
dot1x timeout reauth-period {seconds |
server}
Step 6
end
Step 7
show dot1x interface interface-id
Step 8
copy running-config startup-config
This example shows how to configure NAC Layer 2 IEEE 802.1x validation:
Switch# configure terminal
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x timeout reauth-period server
Configuring Web Authentication
Beginning in privileged EXEC mode, follow these steps to configure authentication, authorization,
accounting (AAA) and RADIUS on a switch before configuring web authentication. The steps enable
AAA by using RADIUS authentication and enable device tracking.
Command
Step 1
configure terminal
Step 2
aaa new-model
Step 3
aaa authentication login default group
radius
Step 4
aaa authorization auth-proxy default
group radius
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide
8-40
Chapter 8
Purpose
Set the number of seconds between re-authentication attempts.
The keywords have these meanings:
seconds—Sets the number of seconds from 1 to 65535; the default is
•
3600 seconds.
server—Sets the number of seconds based on the value of the
•
Session-Timeout RADIUS attribute (Attribute[27]) and the
Termination-Action RADIUS attribute (Attribute [29]).
This command affects the behavior of the switch only if periodic
re-authentication is enabled.
Return to privileged EXEC mode.
Verify your IEEE 802.1x authentication configuration.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Enable AAA.
Use RADIUS authentication. Before you can use this authentication
method, you must configure the RADIUS server. For more
information, see
Chapter 7, "Configuring Switch-Based
Authentication."
The console prompts you for a username and password on future
attempts to access the switch console after entering the aaa
authentication login command. If you do not want to be prompted for
a username and password, configure a second login authentication
list:
Switch# config t
Switch(config)# aaa authentication login line-console none
Switch(config)# line console 0
Switch(config-line)# login authentication line-console
Switch(config-line)# end
Use RADIUS for authentication-proxy (auth-proxy) authorization.
Configuring IEEE 802.1x Port-Based Authentication
OL-8915-03
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
