Name: Cisco Catalyst 3560-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

1-60

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-25303-03

Chapter 1 Configuring IEEE 802.1x Port-Based Authentication

Configuring 802.1x Authentication

The following example shows how to create a DHCP filter containing a list of options:

Switch> enable

Switch# configure terminal

Switch(config)# device-sensor filter-list dhcp list dhcp-list

Switch(config-sensor-dhcplist)# option name domain-name

Switch(config-sensor-dhcplist)# option name host-name

Switch(config-sensor-dhcplist)# option number 50

Switch(config-sensor-dhcplist)# end

The following example shows how to apply a CDP TLV filter list to the Device Sensor output:

Switch> enable

Switch# configure terminal

Switch(config)# device-sensor filter-spec cdp include cdp-list1

The following example shows how to enable client notifications and accounting events for all TLV

changes:

Switch> enable

Switch# configure terminal

Switch(config)# device-sensor notify all-changes

Configuring a Guest VLAN

When you configure a guest VLAN, clients that are not 802.1x-capable are put into the guest VLAN

when the server does not receive a response to its EAP request/identity frame. Clients that are

802.1x-capable but that fail authentication are not granted network access. The switch supports guest

VLANs in single-host or multiple-hosts mode.

Beginning in privileged EXEC mode, follow these steps to configure a guest VLAN. This procedure is

optional.

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

interface interface-id Specify the port to be configured, and enter interface configuration mode.

For the supported port types, see the “802.1x Authentication

Configuration Guidelines” section on page 1-39.

Step 3

switchport mode access

switchport mode private-vlan host

Set the port to access mode,

Configure the Layer 2 port as a private-VLAN host port.

Step 4

dot1x port-control auto Enable 802.1x authentication on the port.

Step 5

authentication event no-response

action authorize vlan vlan-id

Specify an active VLAN as an 802.1x guest VLAN. The range is 1 to

4094.

You can configure any active VLAN except an internal VLAN (routed

port), an RSPAN VLAN, a primary private VLAN, or a voice VLAN as

an 802.1x guest VLAN.

Step 6

end Return to privileged EXEC mode.

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General

Enclosure Type	Rack-mountable - 1U
Subtype	Gigabit Ethernet
Ports	48 x 10/100/1000 + 4 x SFP
Flash Memory	64 MB
Power Device	Internal power supply
Voltage Required	AC 120/230 V (50/60 Hz)
Operating System	Cisco IOS
Device Type	Switch
Performance	Switching capacity: 128 Gbps
Jumbo Frame Support	Yes
Routing Protocol	RIP-1, RIP-2, EIGRP
Remote Management Protocol	SNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
Features	DHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant Standards	IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
Stacking	Stackable
Security Features	SSH, RADIUS, TACACS+
Management	CLI
Dimensions (H x W x D)	17.5 in
Operating Temperature	32 to 113 °F (0 to 45 °C)
Humidity	10 - 95% (non-condensing)