X Host Mode - Cisco Catalyst 4500 series Administration Manual
Hide thumbs
Also See for Catalyst 4500 series:
- Software configuration manual (2086 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Chapter 46
Configuring 802.1X Port-Based Authentication
Figure 46-3 Authentication Flowchart
Start
Client IEEE
802.1x capable?
Yes
Start IEEE 802.1x port-based
authentication
Client
identity is
invalid
Assign port to
restricted VLAN
Done
Authentication
All authentication
servers are up.
servers are down.
Assign port to
critically authorized
VLAN
Done
802.1X Host Mode
The 802.1X port's host mode determines whether more than one client can be authenticated on the port
and how authentication is enforced. You can configure an 802.1X port to use any of the five host modes
described in the following sections. In addition, each mode can be modified to allow preauthentication
open access:
•
•
•
•
OL_28731-01
No
IEEE 802.1x authentication
process times out
The switch gets an
EAPOL message,
and the EAPOL
message exchange
begins.
Client
identity is
valid
Assign port to
VLAN
Done
1 = This occurs if the switch does not detect EAPOL packets from the client.
Single-Host Mode, page 46-8
Multiple-Hosts Mode, page 46-8
Multidomain Authentication Mode, page 46-8
Multiauthentication Mode, page 46-9
Is MAC authentication
bypass enabled?
Yes
Use MAC authentication
1
bypass
Client MAC
Client MAC
address
address
identity
identity
is valid.
is invalid.
Assign port to
Assign port to
VLAN
guest VLAN
Done
All authentication
servers are down.
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
About 802.1X Port-Based Authentication
1
No
1
Done
46-7
Advertisement
Chapters
Table of Contents
Troubleshooting
