allows the client to access the network. Otherwise, network access is
denied and the port remains blocked.
The operation of 802.1X on the switch requires the following:
• The switch must have an IP address assigned.
• RADIUS authentication must be enabled on the switch and the IP
address of the RADIUS server specified.
• 802.1X must be enabled globally for the switch.
• Each switch port that will be used must be set to dot1x "Auto" mode.
• Each client that needs to be authenticated must have dot1x client
software installed and properly configured.
• The RADIUS server and 802.1X client support EAP. (The switch only
supports EAPOL in order to pass the EAP packets from the server to
the client.)
• The RADIUS server and client also have to support the same EAP
authentication type – MD5. (Some clients have native support in
Windows, otherwise the dot1x client must support it.)
Displaying 802.1X Global Settings
The 802.1X protocol provides client authentication.
Command Attributes
802.1X System Authentication Control – The global setting for
802.1X.
Web – Click Security, 802.1X, Information.
Figure 3-37 802.1X Global Information
U
A
SER
UTHENTICATION
3-89