Port-Based Authentication Manager Cli Commands - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
Port-Based Authentication Manager CLI Commands
The authentication-manager interface-configuration commands control all the authentication methods, such
as 802.1x, MAC authentication bypass, and web authentication. The authentication manager commands
determine the priority and order of authentication methods applied to a connected host.
The authentication manager commands control generic authentication features, such as host-mode, violation
mode, and the authentication timer. Generic authentication commands include the authentication host-mode,
authentication violation, and authentication timer interface configuration commands.
802.1x-specific commands begin with the dot1x keyword. For example, the authentication port-control
auto interface configuration command enables authentication on an interface. However, the dot1x
system-authentication control global configuration command only globally enables or disables 802.1x
authentication.
Note
If 802.1x authentication is globally disabled, other authentication methods are still enabled on that port,
such as web authentication.
The authentication manager commands provide the same functionality as earlier 802.1x commands.
When filtering out verbose system messages generated by the authentication manager, the filtered content
typically relates to authentication success. You can also filter verbose messages for 802.1x authentication and
MAB authentication. There is a separate command for each authentication method:
• The no authentication logging verbose global configuration command filters verbose messages from
the authentication manager.
• The no dot1x logging verbose global configuration command filters 802.1x authentication verbose
messages.
• The no mab logging verbose global configuration command filters MAC authentication bypass (MAB)
verbose messages
Table 124: Authentication Manager Commands and Earlier 802.1x Commands
The authentication manager
commands in Cisco IOS
Release 12.2(50)SE or later
authentication
control-direction {both | in}
authentication event
The equivalent 802.1x
commands in Cisco IOS
Release 12.2(46)SE and earlier
dot1x control-direction
{both | in}
dot1x auth-fail vlan
dot1x critical (interface
configuration)
dot1x guest-vlan6
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
Information About 802.1x Port-Based Authentication
Description
Enable 802.1x authentication with the
wake-on-LAN (WoL) feature, and configure
the port control as unidirectional or
bidirectional.
Enable the restricted VLAN on a port.
Enable the
inaccessible-authentication-bypass feature.
Specify an active VLAN as an 802.1x guest
VLAN.
1325
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
