hit counter script

Authentication Manager For Port-Based Authentication - Cisco Catalyst 2960 series Configuration Manual

Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs Also See for Catalyst 2960 series:
Table of Contents

Advertisement

If 802.1x authentication times out while waiting for an EAPOL message exchange and MAC authentication
bypass is enabled, the switch can authorize the client when the switch detects an Ethernet packet from the
client. The switch uses the MAC address of the client as its identity and includes this information in the
RADIUS-access/request frame that is sent to the RADIUS server. After the server sends the switch the
RADIUS-access/accept frame (authorization is successful), the port becomes authorized. If authorization fails
and a guest VLAN is specified, the switch assigns the port to the guest VLAN. If the switch detects an EAPOL
packet while waiting for an Ethernet packet, the switch stops the MAC authentication bypass process and
starts 802.1x authentication.
This figure shows the message exchange during MAC authentication bypass.
Figure 93: Message Exchange During MAC Authentication Bypass

Authentication Manager for Port-Based Authentication

Port-Based Authentication Methods
Table 123: 802.1x Features
Authentication method
802.1x
Mode
Single host
VLAN
assignment
Per-user ACL
Filter-ID
attribute
Downloadable
15
ACL
Redirect URL
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
Information About 802.1x Port-Based Authentication
Multiple host
MDA
VLAN
VLAN
assignment
assignment
Per-user ACL
Filter-Id attribute
Downloadable
ACL
Redirect URL
Multiple
Authentication
VLAN
assignment
Per-user ACL
Filter-Id attribute
Downloadable
ACL
Redirect URL
1323

Advertisement

Table of Contents
loading

Table of Contents