Configuring An Authenticator And A Supplicant Switch With Neat - Cisco Catalyst 2975 Software Configuration Manual
Ios release 12.2(55)se
Hide thumbs
Also See for Catalyst 2975:
- Hardware installation manual (62 pages) ,
- Brochure (19 pages) ,
- Getting started manual (17 pages)
Table of Contents
Advertisement
Configuring 802.1x Authentication
Configuring an Authenticator and a Supplicant Switch with NEAT
Configuring this feature requires that one switch outside a wiring closet is configured as a supplicant and
is connected to an authenticator switch.
For overview information, see the
Access Topology (NEAT)" section on page
Note
The cisco-av-pairs must be configured as device-traffic-class=switch on the ACS, which sets the
interface as a trunk after the supplicant is successfully authenticated.
Beginning in privileged EXEC mode, follow these steps to configure a switch as an authenticator:
Command
Step 1
configure terminal
Step 2
cisp enable
Step 3
interface interface-id
Step 4
switchport mode access
Step 5
authentication port-control auto
Step 6
dot1x pae authenticator
Step 7
spanning-tree portfast
Step 8
end
Step 9
show running-config interface
interface-id
Step 10
copy running-config startup-config
This example shows how to configure a switch as an 802.1x authenticator:
Switch# configure terminal
Switch(config)# cisp enable
Switch(config)# interface gigabitethernet2/0/1
Switch(config-if)# switchport mode access
Switch(config-if)# authentication port-control auto
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# spanning-tree portfast trunk
Beginning in privileged EXEC mode, follow these steps to configure a switch as a supplicant:
Command
Step 1
configure terminal
Step 2
cisp enable
Step 3
dot1x credentials profile
Step 4
username suppswitch
Catalyst 2975 Switch Software Configuration Guide
10-60
Chapter 10
"802.1x Supplicant and Authenticator Switches with Network Edge
10-30.
Purpose
Enter global configuration mode.
Enable CISP.
Specify the port to be configured, and enter interface configuration
mode.
Set the port mode to access.
Set the port-authentication mode to auto.
Configure the interface as a port access entity (PAE) authenticator.
Enable Port Fast on an access port connected to a single workstation or
server.
Return to privileged EXEC mode.
Verify your configuration.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Enable CISP.
Create 802.1x credentials profile. This must be attached to the port that
is configured as supplicant.
Create a username.
Configuring IEEE 802.1x Port-Based Authentication
OL-19720-02
- Quick Links:
- Management Options
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
