Specifications
Authentication Commands
3-59
3
802.1x Port Authentication
The switch supports IEEE 802.1x (dot1x) port-based access control that prevents
unauthorized access to the network by requiring users to first enter a user ID and
password for authentication. Client authentication is controlled centrally by a
RADIUS server.
dot1x system-auth-control
This command enables IEEE 802.1x globally for all ports. Use the no form to disable
802.1x globallay.
Syntax
[no] dot1x system-auth-control
Default Setting
Disabled
Command Mode
Global Configuration
Example
Table 3-35 802.1x Port Authentication Commands
Command Function Mode Page
dot1x system-auth-control Enables or disabled 802.1x globally GC 3-60
authentication dot1x default Sets the default authentication server type GC 3-60
dot1x default Resets all dot1x parameters to their default values GC 3-60
dot1x max-req Sets the maximum number of times that the switch
retransmits an EAP request/identity packet to the client
before it times out the authentication session
GC 3-60
dot1x port-control Sets dot1x mode for a port interface IC 3-61
dot1x operation-mode Allows single or multiple hosts on an dot1x port IC 3-62
dot1x re-authenticate Forces re-authentication on specific ports PE 3-62
dot1x re-authentication Enables re-authentication for all ports GC 3-63
dot1x timeout quiet-period Sets the time that a switch port waits after the Max
Request Count has been exceeded before attempting to
acquire a new client
GC 3-63
dot1x timeout re-authperiod Sets the time period after which a connected client must
be re-authenticated
GC 3-63
dot1x timeout tx-period Sets the time period during an authentication session that
the switch waits before re-transmitting an EAP packet
GC 3-64
show dot1x Shows all dot1x related information PE 3-64
Console(config)#dot1x system-auth-control
Console(config)#