Configuring 802.1x Authentication
Configuring Flexible Authentication Ordering
Beginning in privileged EXEC mode, follow these steps:
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
authentication order dot1x | mab {webauth} (Optional) Set the order of authentication methods used on a port.
Step 4
authentication priority dot1x | mab
{webauth}
Step 5
show authentication
Step 6
copy running-config startup-config
This example shows how to configure a port attempt 802.1x authentication first, followed by web
authentication as fallback method:
Switch# configure terminal
Switch(config)# interface gigabitethernet 1/0/1
Switch(config)# authentication order dot1x webauth
Configuring Open1x
Beginning in privileged EXEC mode:
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
authentication control-direction {both | in}
Step 4
authentication fallback name
Step 5
authentication host-mode [multi-auth |
multi-domain | multi-host | single-host]
Step 6
authentication open
Step 7
authentication order dot1x | mab {webauth} (Optional) Set the order of authentication methods used on a port.
Step 8
authentication periodic
Step 9
authentication port-control {auto |
force-authorized | force-un authorized}
Step 10
show authentication
Step 11
copy running-config startup-config
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
1-74
Chapter 1
Configuring IEEE 802.1x Port-Based Authentication
Purpose
Enter global configuration mode.
Specify the port to be configured, and enter interface
configuration mode.
(Optional) Add an authentication method to the port-priority list.
(Optional) Verify your entries.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Specify the port to be configured, and enter interface
configuration mode.
(Optional) Configure the port control as unidirectional or
bidirectional.
(Optional) Configure a port to use web authentication as a
fallback method for clients that do not support 802.1x
authentication.
(Optional) Set the authorization manager mode on a port.
(Optional) Enable or disable open access on a port.
(Optional) Enable or disable reauthentication on a port.
(Optional) Enable manual control of the port authorization state.
(Optional) Verify your entries.
(Optional) Save your entries in the configuration file.
OL-25303-03