802.1X Configuration
- 802.1X switch configuration resembles the AAA configuration.
- The Switch configuration treats 802.1X user authentication as another option for AAA authentication.
- Configuration Steps:
- As with other AAA authentication methods, enable AAA with global command
- As with other configurations using RADIUS servers, define the RADIUS servers ip address & encryption keys using command
- radius-server host
- radius-server key
- Similar to login authentication configuration, define the 802.1X authentication method (RADIUS only) using global commands
- aaa authentcation dot1x default
- for multiple groups aaa authentication dot1x group name
- Enable 802.1X globally using global command
- dot1x system auth-control
- Set each interface to use one of three operational settings using the command
- dot1x port-control { auto | force-authorized | force-unauthorized }
- using 802.1x (auto)
- not using 802.1x, but the interface is automatically authorized
- not using 802.1x, but the interface is automatically unauthorized