Configuring Security
Configuring 802. 1 X
Cisco 500 Series Stackable Managed Switch Administration Guide
-
802. 1 X Only—802. 1 X authentication is the only authentication method
performed on the port.
-
MAC Only—Port is authenticated based on the supplicant MAC address.
Only 8 MAC-based authentications can be used on the port.
-
802. 1 X and MAC—Both 802. 1 X and MAC-based authentication are
performed on the switch. The 802. 1 X authentication takes precedence.
For MAC authentication to succeed, the RADIUS server supplicant
NOTE
username and password must be the supplicant MAC address. The MAC
address must be in lower case letters and entered without the ":" or "-"
separators; for example: 0020aa00bbcc.
•
Periodic Reauthentication—Select to enable port re-authentication
attempts after the specified Reauthentication Period.
•
Reauthentication Period—Enter the number of seconds after which the
selected port is reauthenticated.
•
Reauthenticate Now—Select to enable immediate port re-authentication.
•
Authenticator State—Displays the defined port authorization state. The
options are:
-
Force-Authorized—Controlled port state is set to Force-Authorized
(forward traffic).
-
Force-Unauthorized—Controlled port state is set to Force-Unauthorized
(discard traffic).
If the port is not in Force-Authorized or Force-Unauthorized, it is in
NOTE
Auto Mode and the authenticator displays the state of the authentication
in progress. After the port is authenticated, the state is shown as
Authenticated.
•
Time Range—Enable a limit on the time that the specific port is authorized
for use if 802. 1 x has been enabled (Port -Based authentication is checked).
•
Time Range Name—Select the profile that specifies the time range.
•
Quiet Period—Enter the number of seconds that the switch remains in the
quiet state following a failed authentication exchange.
•
Resending EAP—Enter the number of seconds that the switch waits for a
response to an Extensible Authentication Protocol (EAP) request/identity
frame from the supplicant (client) before resending the request.
18
327