DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Switch# configure terminal
Step 1
Specifies the port to be configured, and enter interface
configuration mode.
interface interface-id
Example:
Switch(config)# interface gigabitethernet2/0/3
Step 2
Sets the port to access mode only if you configured the
RADIUS server.
switchport mode access
Example:
Switch(config-if)# switchport mode access
Step 3
Specifies an active VLAN as an 802.1x guest VLAN. The
range is 1 to 4094.
authentication event no-response action authorize vlan
vlan-id
Step 4
Example:
Switch(config-if)# authentication event
You can configure any active VLAN except an internal
VLAN (routed port), an RSPAN VLAN, or a voice VLAN
as an 802.1x guest VLAN.
no-response action authorize vlan 8
Enables periodic re-authentication of the client, which is
disabled by default.
authentication periodic
Example:
Switch(config-if)# authentication periodic
Step 5
Sets re-authentication attempt for the client (set to one
hour).
authentication timer reauthenticate
Example:
Switch(config-if)# authentication timer
Step 6
This command affects the behavior of the switch only if
periodic re-authentication is enabled.
reauthenticate
Returns to privileged EXEC mode.end
Example:
Switch(config-if)# end
Step 7
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
OL-29434-01 283
Configuring IEEE 802.1x Port-Based Authentication
Configuring NAC Layer 2 802.1x Validation
To Next Page
Loading...
Need help?
General