Configuring Flexible Authentication Ordering; Configuring Open1X - Cisco Catalyst 3750-E Software Configuration Manual
Hide thumbs
Also See for Catalyst 3750-E:
- Getting started manual (27 pages) ,
- Product support bulletin (6 pages) ,
- Configuration handbook (359 pages)
Table of Contents
Advertisement
Chapter 10
Configuring IEEE 802.1x Port-Based Authentication
There is no show command to confirm the status of VLAN ID-based MAC authentication. You can use
the debug radius accounting privileged EXEC command to confirm the RADIUS attribute 32. For more
information about this command, see the Cisco IOS Debug Command Reference, Release 12.2 at this
URL:
http://www.cisco.com/en/US/docs/ios/debug/command/reference/db_q1.html#wp1123741
This example shows how to globally enable VLAN ID-based MAC authentication on a switch:
Switch# config terminal
Enter configuration commands, one per line.
Switch(config)# mab request format attribute 32 vlan access-vlan
Switch(config-if)# exit
Configuring Flexible Authentication Ordering
Beginning in privileged EXEC mode, follow these steps:
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
authentication order dot1x | mab {webauth} (Optional) Set the order of authentication methods used on a port.
Step 4
authentication priority dot1x | mab
{webauth}
Step 5
show authentication
Step 6
copy running-config startup-config
This example shows how to configure a port attempt 802.1x authentication first, followed by web
authentication as fallback method:
Switch# configure terminal
Switch(config)# interface gigabitethernet 1/0/1
Switch(config)# authentication order dot1x webauth
Configuring Open1x
Beginning in privileged EXEC mode:
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
authentication control-direction {both | in}
Step 4
authentication fallback name
OL-9775-08
End with CNTL/Z.
Purpose
Enter global configuration mode.
Specify the port to be configured, and enter interface
configuration mode.
(Optional) Add an authentication method to the port-priority list.
(Optional) Verify your entries.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Specify the port to be configured, and enter interface
configuration mode.
(Optional) Configure the port control as unidirectional or
bidirectional.
(Optional) Configure a port to use web authentication as a
fallback method for clients that do not support 802.1x
authentication.
Catalyst 3750-E and 3560-E Switch Software Configuration Guide
Configuring 802.1x Authentication
10-65
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
