802.1X-related protocols ·································································································································· 85
Packet formats ········································································································································· 85
EAP over RADIUS ··································································································································· 86
802.1X client as the initiator ····················································································································· 87
EAP relay ················································································································································· 89
EAP termination ······································································································································· 90
Configuring 802.1X ······················································································ 92
Access control methods ··································································································································· 92
802.1X VLAN manipulation ······························································································································ 92
Authorization VLAN ·································································································································· 92
Guest VLAN ············································································································································· 94
Auth-Fail VLAN ········································································································································ 96
Critical VLAN ············································································································································ 97
Critical voice VLAN ·································································································································· 98
802.1X VSI manipulation·································································································································· 99
802.1X support for VXLANs ····················································································································· 99
Authorization VSI ··································································································································· 100
Guest VSI ··············································································································································· 100
Auth-Fail VSI ·········································································································································· 100
Critical VSI ············································································································································· 101
ACL assignment ····································································································································· 101
EAD assistant ········································································································································· 102
Redirect URL assignment ······················································································································ 103
Configuration prerequisites ···························································································································· 103
802.1X configuration task list ························································································································· 104
Enabling 802.1X ············································································································································· 104
Configuration procedure ························································································································· 108
Configuration procedure ························································································································· 109
Setting the quiet timer ···································································································································· 110
Overview ················································································································································ 110
Configuration prerequisites ···················································································································· 112
Configuration procedure ························································································································· 113
Configuration prerequisites ···················································································································· 114
Configuration procedure ························································································································· 114
ii