EasyManuals Logo
Home>Cisco>Switch>IE-5000

Cisco IE-5000 User Manual

Cisco IE-5000
1066 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #226 background imageLoading...
Page #226 background image
222
Configuring IEEE 802.1x Port-Based Authentication
How to Configure IEEE 802.1x Port-Based Authentication
Configuring the Host Mode
This task describes how to configure a single host (client) or multiple hosts on an 802.1x-authorized port.
5. switchport mode access Sets the port to access mode.
6. authentication violation {shutdown |
restrict | protect | replace}
Configures the violation mode.
shutdown—Error-disables the port.
restrict—Generates a syslog error.
protect—Drops packets from any new device that sends traffic to the
port.
replace—Removes the current session and authenticates with the
new host.
7. end Returns to privileged EXEC mode.
8. show authentication Verifies your entries.
9. copy running-config startup-config (Optional) Saves your entries in the configuration file.
Command Purpose
Command Purpose
1. configure terminal Enters global configuration mode.
2. radius-server vsa send authentication Configures the network access server to recognize and use
vendor-specific attributes (VSAs).
3. interface interface-id Specifies the port to which multiple hosts are indirectly attached, and
enter interface configuration mode.
4. authentication host-mode [multi-auth
| multi-domain | multi-host |
single-host]
The keywords have these meanings:
multi-auth—Allows one client on the voice VLAN and multiple
authenticated clients on the data VLAN. Each host is individually
authenticated.
Note: The multi-auth keyword is only available with the authentication
host-mode command.
multi-host—Allows multiple hosts on an 802.1x-authorized port after
a single host has been authenticated.
multi-domain—Allows both a host and a voice device, such as an IP
phone (Cisco or non-Cisco), to be authenticated on
an 802.1x-authorized port.
Note: You must configure the voice VLAN for the IP phone when the host
mode is set to multi-domain. For more information, see Configuring
Voice VLAN, page 309
single-host—Allows a single host (client) on an 802.1x-authorized
port.
Make sure that the authentication port-control interface configuration
command set is set to auto for the specified interface.
5. switchport voice vlan vlan-id (Optional) Configures the voice VLAN.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IE-5000 and is the answer not in the manual?

Cisco IE-5000 Specifications

General IconGeneral
BrandCisco
ModelIE-5000
CategorySwitch
LanguageEnglish

Related product manuals