Chapter 27
Configuring Switch Access Using AAA
This example shows how to enable 802.1x authentication on port 1 in module 4, initialize 802.1x
authentication on the same port, and verify the configuration:
Console> (enable) set port dot1x 4/1 port-control auto
Port 4/1 dot1x port-control is set to auto.
Trunking disabled for port 4/1 due to Dot1x feature.
Spantree port fast start option enabled for port 4/1.
Console> (enable) set port dot1x 4/1 initialize
Port 4/1 initializing...
Port 4/1 dot1x initialization complete.
Console> show port dot1x 4/1
Port
----- ------------------- ---------- ------------------- -------------
4/1
Port
----- ------------- -----------------
4/1
Setting and Enabling Automatic Reauthentication of the Supplicant
You can specify how often 802.1x authentication reauthenticates the supplicant if you do so prior to
enabling automatic 802.1x supplicant reauthentication. If you do not specify a time period prior to
enabling supplicant reauthentication, 802.1x defaults to 3600 seconds (valid values are from 1 to
65535 seconds).
Automatic 802.1x supplicant reauthentication can be enabled for supplicants connected to a specific
port. To manually reauthenticate the supplicant connected to a specific port, see the
Reauthenticating the Supplicant" section on page
To set how often 802.1x authentication reauthenticates the supplicant and enable automatic 802.1x
reauthentication, perform this task in privileged mode:
Task
Step 1
Set the time constant for reauthenticating the
supplicant.
Step 2
Enable reauthentication.
Step 3
Verify the 802.1x configuration.
This example shows how to set automatic reauthentication to 7200 seconds, enable 802.1x
reauthentication, and verify the configuration:
Console> (enable) set dot1x re-authperiod 7200
dot1x re-authperiod set to 7200 seconds
Console> (enable) set port dot1x 4/1 re-authentication enable
Port 4/1 re-authentication enabled.
Console> (enable) show port dot1x 4/1
Port
----- ------------------- ---------- ------------------- -------------
4/1
Port
----- ------------- -----------------
4/1
78-12647-02
Auth-State
BEnd-State Port-Control
connecting
finished
Multiple-Host Re-authentication
disabled
disabled
Auth-State
BEnd-State Port-Control
connecting
finished
Multiple Host Re-authentication
disabled
enabled
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
Port-Status
auto
unauthorized
27-42.
Command
set dot1x re-authperiod seconds
set port dot1x mod/port re-authentication enable
show port dot1x mod/port
Port-Status
auto
unauthorized
Configuring Authentication
"Manually
27-41