•
Configuring MAC addresses for a dot1x Profile
•
Configuring static MAB and MAB profile
•
Enabling Critical-VLAN
•
Configuring Request Identity Re-Transmissions
•
Forcibly Authorizing or Unauthorizing a Port
•
Configuring a Quiet Period after a Failed Authentication
•
Re-Authenticating a Port
•
Configuring Timeouts
•
Configuring a Guest VLAN
•
Configuring an Authentication-Fail VLAN
Important Points to Remember
•
The system supports 802.1X with EAP-MD5, EAP-OTP, EAP-TLS, EAP-TTLS, PEAPv0, PEAPv1, and MS-
CHAPv2 with PEAP.
•
All platforms support only RADIUS as the authentication server.
•
If the primary RADIUS server becomes unresponsive, the authenticator begins using a secondary
RADIUS server, if configured.
•
802.1X is not supported on port-channels or port-channel members.
•
802.1X is not supported on a port when you configure the port as cascaded.
802.1X
102