Table of Contents
Advertisement
Configuring IEEE 802.1x Authentication
This example shows how to configure only web authentication on a switch port:
Switch# configure terminal
Switch(config)# ip admission name rule1 proxy http
Switch(config)# interface gigabit0/1
Switch(config-if)# switchport mode access
Switch(config-if)# ip access-group policy1 in
Switch(config-if)# ip admission rule1
Switch(config-if)# end
Beginning in privileged EXEC mode, follow these steps to configure a switch port for IEEE 802.1x
authentication with web authentication as a fallback method:
Command
Step 1
configure terminal
Step 2
ip admission name rule proxy http
Step 3
fallback profile fallback-profile
Step 4
ip access-group policy in
Step 5
ip admission rule
Step 6
end
Step 7
interface interface-id
Step 8
switchport mode access
Step 9
dot1x port-control auto
Step 10
dot1x fallback fallback-profile
Step 11
exit
Step 12
show dot1x interface interface-id
Step 13
copy running-config startup-config
This example shows how to configure IEEE 802.1x authentication with web authentication.
Switch(config) configure terminal
Switch(config)# ip admission name rule1 proxy http
Switch(config)# fallback profile fallback1
Switch(config-fallback-profile)# ip access-group default-policy in
Switch(config-fallback-profile)# ip admission rule1
Switch(config-fallback-profile)# exit
Switch(config)# interface gigabit0/1
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x port-control auto
Switch(config-if)# dot1x fallback fallback1
Switch(config-if)# end
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide
8-42
Chapter 8
Configuring IEEE 802.1x Port-Based Authentication
Purpose
Enter global configuration mode.
Define a web authentication rule.
Define a fallback profile to allow an IEEE 802.1x port to
authenticate a client by using web authentication.
Specify the default access control list to apply to network traffic
before web authentication.
Associate an IP admission rule with the profile, and specify that
a client connecting by web authentication uses this rule.
Return to privileged EXEC mode.
Specify the port to be configured, and enter interface
configuration mode.
Set the port to access mode.
Enable IEEE 802.1x authentication on the interface.
Configure the port to authenticate a client by using web
authentication when no IEEE 802.1x supplicant is detected on the
port. Any change to the fallback-profile global configuration takes
effect the next time IEEE 802.1x fallback is invoked on the interface.
Web authorization cannot be used as a fallback method for
Note
IEEE 802.1x if the port is configured for multidomain
authentication.
Return to privileged EXEC mode.
Verify your configuration.
(Optional) Save your entries in the configuration file.
OL-8915-03
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
