Configuring 802.1X With Voice Vlan - Cisco Catalyst 4500 series Administration Manual

Configuring 802.1X Port-Based Authentication
Cisco IOS Release 12.2(46)SG or earlier
Switch# configure terminal
Switch(config)# interface gigabitEthernet3/1
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x port-control auto
Switch(config-if)# dot1x auth-fail vlan 40
Switch(config-if)# dot1x auth-fail max-attempts 3
Switch# show dot1x all
Sysauthcontrol
Dot1x Protocol Version
Critical Recovery Delay
Critical EAPOL
Dot1x Info for GigabitEthernet3/1
-----------------------------------
PAE
PortControl
ControlDirection
HostMode
ReAuthentication
QuietPeriod
ServerTimeout
SuppTimeout
ReAuthPeriod
ReAuthMax
MaxReq
TxPeriod
RateLimitPeriod
Auth-Fail-Vlan
Auth-Fail-Max-attempts
Switch#

Configuring 802.1X with Voice VLAN

Note You must configure 802.1X and voice VLAN simultaneously.
Note You cannot configure an authentication-failed VLAN and a voice VLAN on the same port. When you
try to configure these two features on the same port, a syslog message appears.
To enable 802.1X with voice VLAN, perform this task:
Command
Step 1
Switch# configure terminal
Step 2
Switch(config)# interface
interface-id
Step 3
Switch(config-if)# switchport
access vlan vlan-id
Step 4
Switch(config-if)# switchport mode
access
Step 5
Switch(config-if)# switchport voice
vlan vlan-id
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
46-74
Chapter 46
Enabled
2
100
Disabled
= AUTHENTICATOR
= AUTO
= Both
= SINGLE_HOST
= Disabled
= 60
= 0
= 30
= 3600 (Locally configured)
= 2
= 2
= 5
= 0
= 40
= 3
Purpose
Enters global configuration mode.
Enters interface configuration mode.
Sets the VLAN for a switched interface in access mode.
Specifies a nontrunking, nontagged single VLAN Layer 2 interface.
Sets the voice VLAN for the interface.
Configuring 802.1X Port-Based Authentication
OL_28731-01