Authentication Manager Cli Commands - Cisco Catalyst 2975 Software Configuration Manual
Ios release 12.2(55)se
Hide thumbs
Also See for Catalyst 2975:
- Hardware installation manual (62 pages) ,
- Brochure (19 pages) ,
- Getting started manual (17 pages)
Table of Contents
Advertisement
Chapter 10
Configuring IEEE 802.1x Port-Based Authentication
Authentication Manager CLI Commands
The authentication-manager interface-configuration commands control all the authentication methods,
such as 802.1x, MAC authentication bypass, and web authentication. The authentication manager
commands determine the priority and order of authentication methods applied to a connected host.
The authentication manager commands control generic authentication features, such as host-mode,
violation mode, and the authentication timer. Generic authentication commands include the
authentication host-mode, authentication violation, and authentication timer interface
configuration commands.
802.1x-specific commands begin with the dot1x keyword. For example, the authentication
port-control auto interface configuration command enables authentication on an interface. However,
the dot1x system-authentication control global configuration command only globally enables or
disables 802.1x authentication.
If 802.1x authentication is globally disabled, other authentication methods are still enabled on that port,
Note
such as web authentication.
The authentication manager commands provide the same functionality as earlier 802.1x commands.
Table 10-2
Authentication Manager Commands and Earlier 802.1x Commands
The authentication manager
commands in Cisco IOS
Release 12.2(50)SE or later
authentication control-direction
{both | in}
authentication event
authentication fallback
fallback-profile
authentication host-mode
[multi-auth | multi-domain |
multi-host | single-host]
authentication order
authentication periodic
authentication port-control {auto
| force-authorized | force-un
authorized}
OL-19720-02
The equivalent 802.1x commands in
Cisco IOS Release 12.2(46)SE and
earlier
dot1x control-direction {both |
in}
dot1x auth-fail vlan
dot1x critical (interface
configuration)
dot1x guest-vlan6
dot1x fallback fallback-profile
dot1x host-mode {single-host |
multi-host | multi-domain}
dot1x mac-auth-bypass
dot1x reauthentication
dot1x port-control {auto |
force-authorized |
force-unauthorized}
Understanding IEEE 802.1x Port-Based Authentication
Description
Enable authentication with the wake-on-LAN
(WoL) feature, and configure the port control as
unidirectional or bidirectional.
Enable the restricted VLAN on a port.
Enable the inaccessible-authentication-bypass
feature.
Specify an active VLAN as an guest VLAN.
Configure a port to use web authentication as a
fallback method for clients that do not support
authentication.
Allow a single host (client) or multiple hosts on an
authorized port.
Provides the flexibility to define the order of
authentication methods to be used.
Enable periodic re-authentication of the client.
Enable manual control of the authorization state of
the port.
Catalyst 2975 Switch Software Configuration Guide
10-9
- Quick Links:
- Management Options
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
