Enabling Periodic Reauthentication - Cisco Catalyst 4500 series Administration Manual
Hide thumbs
Also See for Catalyst 4500 series:
- Software configuration manual (2086 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Chapter 46
Configuring 802.1X Port-Based Authentication
Cisco IOS Release 12.2(46)SG or earlier
Switch(config)# ip admission name rule1 proxy http
Switch(config)# fallback profile fallback1
Switch(config-fallback-profile)# ip access-group default-policy in
Switch(config-fallback-profile)# ip admission rule1
Switch(config-fallback-profile)# exit
Switch(config)# interface gigabit5/9
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x port-control auto
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# authentication order dot1x mab webauth
Switch(config-if)# dot1x mac-auth-bypass eap
Switch(config-if)# adot1x fallback fallback1
Switch(config-if)# exit
Switch(config)# ip device tracking
Switch(config)# exit
Enabling Periodic Reauthentication
You can enable periodic 802.1X client reauthentication and specify how often it occurs. If you do not
specify a time value before enabling reauthentication, the interval between reauthentication attempts is
3600 seconds.
Automatic 802.1X client reauthentication is a per-interface setting and can be set for clients connected
to individual ports. To manually reauthenticate the client connected to a specific port, see the
the Quiet Period" section on page
To enable periodic reauthentication of the client and to configure the number of seconds between
reauthentication attempts, perform this task:
Command
Step 1
Switch# configure terminal
Step 2
Switch(config)# interface
interface-id
Step 3
Switch(config-if)# switchport mode
access
Step 4
Switch(config-if)# dot1x pae
authenticator
Step 5
Cisco IOS Release 12.2(50)SG and later
Switch(config-if)# authentication
periodic
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# dot1x
reauthentication
OL_28731-01
46-86.
Purpose
Enters global configuration mode.
Enters interface configuration mode and specifies the interface to be
enabled for periodic reauthentication.
Specifies a nontrunking, nontagged single VLAN Layer 2 interface.
Enables 802.1X authentication on the port with default parameters.
Refer to the
"Default 802.1X Configuration" section on page
Enables periodic reauthentication of the client, which is disabled by
default.
To disable periodic reauthentication, use the no authentication periodic
interface configuration command (for earlier releases, use the
no dot1x reauthentication interface configuration command).
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
Configuring 802.1X Port-Based Authentication
"Changing
46-30.
46-83
Advertisement
Chapters
Table of Contents
Troubleshooting
