Cisco Catalyst 2960 Software Configuration Manual page 330
Hide thumbs
Also See for Catalyst 2960:
- Configuration manual (2288 pages) ,
- Command reference manual (800 pages) ,
- Hardware installation manual (108 pages)
Table of Contents
Advertisement
Configuring 802.1x Authentication
Command
Step 8
end
Step 9
show running-config interface
interface-id
Step 10
copy running-config startup-config
This example shows how to configure a switch as an 802.1x authenticator:
Switch# configure terminal
Switch(config)# cisp enable
Switch(config)# interface gigabitethernet2/0/1
Switch(config-if)# switchport mode access
Switch(config-if)# authentication port-control auto
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# spanning-tree portfast trunk
Beginning in privileged EXEC mode, follow these steps to configure a switch as a supplicant:
Command
Step 1
configure terminal
Step 2
cisp enable
Step 3
dot1x credentials profile
Step 4
username suppswitch
Step 5
password password
Step 6
dot1x supplicant force-multicast
Step 7
interface interface-id
Step 8
switchport trunk encapsulation
dot1q
Step 9
switchport mode trunk
Step 10
dot1x pae supplicant
Step 11
dot1x credentials profile-name
Step 12
end
Step 13
show running-config interface
interface-id
Step 14
copy running-config startup-config
This example shows how to configure a switch as a supplicant:
Switch# configure terminal
Switch(config)# cisp enable
Switch(config)# dot1x credentials test
Switch(config)# username suppswitch
Switch(config)#
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
10-62
Purpose
Return to privileged EXEC mode.
Verify your configuration.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Enable CISP.
Create 802.1x credentials profile. This must be attached to the port that
is configured as supplicant.
Create a username.
Create a password for the new username.
Force the switch to send only multicast EAPOL packets when it receives
either unicast or multicast packets.
This also allows NEAT to work on the supplicant switch in all host
modes.
Specify the port to be configured, and enter interface configuration
mode.
Set the port to trunk mode.
Configure the interface as a VLAN trunk port.
Configure the interface as a port access entity (PAE) supplicant.
Attach the 802.1x credentials profile to the interface.
Return to privileged EXEC mode.
Verify your configuration.
(Optional) Save your entries in the configuration file.
password myswitch
Chapter 10
Configuring IEEE 802.1x Port-Based Authentication
OL-26520-01
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
