Configuring Nac Layer 2 802.1X Validation - Cisco Catalyst 2960 series Configuration Manual

How to Configure 802.1x Port-Based Authentication
-------------
eng-dept
hr-dept
This example shows how to add a VLAN to an existing VLAN group and to verify that the VLAN was added:
Switch(config)# vlan group eng-dept vlan-list 30
Switch(config)# show vlan group eng-dept
Group Name
-------------
eng-dept
This example shows how to remove a VLAN from a VLAN group:
Switch# no vlan group eng-dept vlan-list 10
This example shows that when all the VLANs are cleared from a VLAN group, the VLAN group is cleared:
Switch(config)# no vlan group eng-dept vlan-list 30
Vlan 30 is successfully cleared from vlan group eng-dept.
Switch(config)# show vlan group group-name eng-dept
This example shows how to clear all the VLAN groups:
Switch(config)# no vlan group end-dept vlan-list all
Switch(config)# show vlan-group all
For more information about these commands, see the Cisco IOS Security Command Reference.

Configuring NAC Layer 2 802.1x Validation

You can configure NAC Layer 2 802.1x validation, which is also referred to as 802.1x authentication with a
RADIUS server.
Beginning in privileged EXEC mode, follow these steps to configure NAC Layer 2 802.1x validation. The
procedure is optional.
SUMMARY STEPS
1. configure terminal
2. interface interface-id
3. switchport mode access
4. authentication event no-response action authorize vlan vlan-id
5. authentication periodic
6. authentication timer reauthenticate
7. end
8. show authentication sessions interface interface-id
9. copy running-config startup-config
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1392
--------------
10
20
Vlans Mapped
--------------
10,30