Configuring 802.1X
Configuring 802.1X on a port is a two-step process:
1. Enable 802.1X globally. See page 77.
2. Enable 802.1X on an interface. See page 77.
Related Configuration Tasks
•
Configuring Request Identity Re-transmissions on page 79
•
Configuring Port-control on page 82
•
Re-authenticating a Port on page 82
•
Configuring Timeouts on page 83
•
Configuring a Guest VLAN on page 86
•
Configuring an Authentication-fail VLAN on page 86
Important Points to Remember
•
FTOS supports 802.1X with EAP-MD5, EAP-OTP, EAP-TLS, EAP-TTLS, PEAPv0, PEAPv1, and
MS-CHAPv2 with PEAP.
•
E-Series and C-Series support only RADIUS as the authentication server.
•
802.1X is not supported on port-channels or port-channel members.
Enabling 802.1X
802.1X must be enabled globally and at the interface level.
802.1X | 77