Specifications
User Authentication
2-37
2
CLI – This example enables re-authentication and sets all of the global parameters
for dot1x.
Configuring Port Authorization Mode
When dot1x is enabled, you need to specify the dot1x authentication mode
configured for each port.
Command Attributes
• Status - Indicates if authentication is enabled or disabled on the port.
• Mode – Sets the authentication mode to one of the following options:
- Auto – Requires a dot1x-aware client to be authorized by the authentication
server. Clients that are not dot1x-aware will be denied access.
- Force-Authorized – Forces the port to grant access to all clients, either
dot1x-aware or otherwise.
- Force-Unauthorized – Forces the port to deny access to all clients, either
dot1x-aware or otherwise.
• Authorized –
- Yes – Connected client is authorized.
- No – Connected client is not authorized.
- Blank – Displays nothing when dot1x is disabled on a port.
• Supplicant – Indicates the MAC address of a connected client.
• Trunk – Indicates if the port is configured as a trunk port.
Web - Select 802.1X, 802.1X Port Configuration.
Figure 2-24 Selecting 802.1X Authentication Status per Port
Console(config)#dot1x system-auth-control 3-59
Console(config)#dot1x max-req 5 3-60
Console(config)#dot1x re-authentication 3-63
Console(config)#dot1x timeout quiet-period 40 3-63
Console(config)#dot1x timeout re-authenticate 5 3-62
Console(config)#dot1x timeout tx-period 40 3-64
Console(config)#authentication dot1x default radius 3-60
Console(config)#