User Authentication3-473Web – Select Security, 802.1x, Configuration. Enable dot1x globally for the switch,modify any of the parameters required, and then click Apply.Figure 3-27. 802.1X ConfigurationCLI – This enables re-authentication and sets all of the global parameters for 802.1x .Configuring Port Authorization ModeWhen dot1x is enabled, you need to specify the dot1x authentication modeconfigured for each port.Command Attributes• Status – Indicates if authentication is enabled or disabled on the port.• Operation Mode – Allows single or multiple hosts (clients) to connect to an802.1X-authorized port. (Range: Single-Host, Multi-Host; Default: Single-Host)• Max Count – The maximum number of hosts that can connect to a port when theMulti-Host operation mode is selected. (Range: 1-20; Default: 5)• Mode – Sets the authentication mode to one of the following options:- Auto – Requires a dot1x-aware client to be authorized by the authenticationserver. Clients that are not dot1x-aware will be denied access.- Force-Authorized – Forces the port to grant access to all clients, eitherdot1x-aware or otherwise.- Force-Unauthorized – Forces the port to deny access to all clients, eitherdot1x-aware or otherwise.Console(config)#dot1x re-authentication 4-81Console(config)#dot1x max-req 5 4-79Console(config)#dot1x timeout quiet-period 40 4-82Console(config)#dot1x timeout re-authperiod 5 4-82Console(config)#dot1x timeout tx-period 40 4-83Console(config)#authentication dot1x default radius 4-79Console(config)#
