Cisco WS-C3560V2-24TS-E Command Reference - Page 112
dot1x
View all Cisco WS-C3560V2-24TS-E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
dot1x Chapter 2 Catalyst 3560 Switch Cisco IOS Commands dot1x Use the dot1x global configuration command to globally enable IEEE 802.1x. Use the no form of this command to return to the default setting. dot1x {system-auth-control} | {guest-vlan supplicant} no dot1x {system-auth-control} | {guest-vlan supplicant} Syntax Description system-auth-control Enable IEEE 802.1x globally on the switch. guest-vlan supplicant Enable optional guest VLAN behavior globally on the switch. Defaults IEEE 802.1x is disabled, and the optional guest VLAN behavior is disabled. Command Modes Global configuration Command History Release 12.1(19)EA1 12.2(25)SE Modification This command was introduced. The guest-vlan supplicant keywords were added. Usage Guidelines You must enable authentication, authorization, and accounting (AAA) and specify the authentication method list before globally enabling IEEE 802.1x. A method list describes the sequence and authentication methods to be used to authenticate a user. Before globally enabling IEEE 802.1x on a switch, remove the EtherChannel configuration from the interfaces on which IEEE 802.1x and EtherChannel are configured. If you are using a device running the Cisco Access Control Server (ACS) application for IEEE 802.1x authentication with EAP-Transparent LAN Services (TLS) and with EAP-MD5, make sure that the device is running ACS Version 3.2.1 or later. You can use the guest-vlan supplicant keywords to enable the optional IEEE 802.1x guest VLAN behavior globally on the switch. For more information, see the dot1x guest-vlan command. Examples This example shows how to globally enable IEEE 802.1x on a switch: Switch(config)# dot1x system-auth-control This example shows how to globally enable the optional guest VLAN behavior on a switch: Switch(config)# dot1x guest-vlan supplicant You can verify your settings by entering the show dot1x [interface interface-id] privileged EXEC command. 2-80 Catalyst 3560 Switch Command Reference 78-16405-05