2. Enable 802.1x Authentication on Selected Ports
This task configures the individual ports you want to operate as 802.1x
authenticators for point-to-point links to 802.1x-aware clients or switches.
(Actual 802.1x operation does not commence until you perform step 5 on page
5-16 to activate 802.1x authentication on the switch.)
Syntax: aaa port-access authenticator < port-list >
Enables specified ports to operate as 802.1x authenti-
cators with current per- port authenticator configura-
tion. To activate configured 802.1x operation, you
must enable 802.1x authentication. Refer to "5. Enable
802.1x Authentication on the switch" on page 5-16.
[control < authorized | auto | unauthorized >]
Configuring Port-Based Access Control (802.1x)
Configuring Switch Ports as 802.1x Authenticators
Controls authentication mode on the specified
port:
auto (the default): The device connected to the
port must support802.1x authentication and
provide valid credentials in order to get
network access.
authorized: Also termed Force Authorized. Grants
access to any device connected to the port. In
this case, the device does not have to provide
802.1x credentials or support 802.1x
authentication. (However, you can still
configure console, Telnet, or SSH security on
the port.)
unauthorized: Also termed Force Unauthorized. Do
not grant access to the network, regardless of
whether the device provides the correct
credentials and has 802.1x support. In this
state, the port blocks access to any connected
device.
5-11