Configuring An Authenticator And A Supplicant Switch With Neat - Cisco Catalyst 3750-X Software Configuration Manual
Hide thumbs
Also See for Catalyst 3750-X:
- Command reference manual (1244 pages) ,
- Message manual (150 pages) ,
- Getting started manual (22 pages)
Table of Contents
Advertisement
Chapter 11
Configuring IEEE 802.1x Port-Based Authentication
Command
dot1x timeout reauth-period {seconds |
Step 5
server}
Step 6
end
Step 7
show authentication interface-id
or
show dot1x interface interface-id
Step 8
copy running-config startup-config
This example shows how to configure NAC Layer 2 802.1x validation:
Switch# configure terminal
Switch(config)# interface gigabitethernet2/0/1
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x timeout reauth-period server
Configuring an Authenticator and a Supplicant Switch with NEAT
Configuring this feature requires that one switch outside a wiring closet is configured as a supplicant and
is connected to an authenticator switch.
For overview information, see the
Access Topology (NEAT)" section on page
The cisco-av-pairs must be configured as device-traffic-class=switch on the ACS, which sets the
Note
interface as a trunk after the supplicant is successfully authenticated.
Beginning in privileged EXEC mode, follow these steps to configure a switch as an authenticator:
Command
Step 1
configure terminal
Step 2
cisp enable
Step 3
interface interface-id
Step 4
switchport mode access
Step 5
authentication port-control auto
Step 6
dot1x pae authenticator
OL-21521-01
Purpose
Set the number of seconds between re-authentication attempts.
The keywords have these meanings:
seconds—Sets the number of seconds from 1 to 65535; the default is
•
3600 seconds.
server—Sets the number of seconds based on the value of the
•
Session-Timeout RADIUS attribute (Attribute[27]) and the
Termination-Action RADIUS attribute (Attribute [29]).
This command affects the behavior of the switch only if periodic
re-authentication is enabled.
Return to privileged EXEC mode.
Verify your 802.1x authentication configuration.
(Optional) Save your entries in the configuration file.
"802.1x Supplicant and Authenticator Switches with Network Edge
11-29.
Purpose
Enter global configuration mode.
Enable CISP.
Specify the port to be configured, and enter interface configuration
mode.
Set the port mode to access.
Set the port-authentication mode to auto.
Configure the interface as a port access entity (PAE) authenticator.
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
Configuring 802.1x Authentication
11-59
- Quick Links:
- Table of Contents
- Deployment Features
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
