Chapter 44
Configuring 802.1X Port-Based Authentication
Command
Step 6
Switch(config-if)# dot1x pae
authenticator
Step 7
Cisco IOS Release 12.2(50)SG and later
and later
Switch(config-if)# authentication
port-control auto
Cisco IOS Release 12.2(46)SG or earlier
releases
Switch(config-if)# dot1x
port-control auto
Step 8
Switch(config-if)# end
Step 9
Switch(config)# end
Step 10
Switch# show dot1x interface
interface-id details
Step 11
Switch# copy running-config
startup-config
This example shows how to enable 802.1X with voice VLAN feature on Fast Ethernet interface 5/9:
Cisco IOS Release 12.2(50)SG and later
Switch# configure terminal
Switch(config)# interface fastethernet5/9
Switch(config-if)# switchport access vlan 2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport voice vlan 10
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# authentication port-control auto
Switch(config-if)# end
Switch(config# end
Switch#
Cisco IOS Release 12.2(46)SG or earlier
Switch# configure terminal
Switch(config)# interface fastethernet5/9
Switch(config-if)# switchport access vlan 2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport voice vlan 10
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# dot1x port-control auto
Switch(config-if)# end
Switch(config# end
Switch#
Configuring 802.1X with VLAN Assignment
For enabling dynamic VLAN assignment, no additional configuration is required in the switch. For
information on configuring Multiple- authentication (MDA), refer to the
Authentication and Multiple Authorization" section on page
must configure the Cisco ACS server.
OL-25340-01
Purpose
Enables 802.1X authentication on the port with default parameters.
Refer to the
"Default 802.1X Configuration" section on page
Enables 802.1X authentication on the interface.
Returns to configuration mode.
Returns to privileged EXEC mode.
(Optional) Verifies your entries.
(Optional) Saves your entries in the configuration file.
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
Configuring 802.1X Port-Based Authentication
"Configuring Multiple Domain
44-34. To enable VLAN assignment, you
44-27.
44-71