Dell POWEREDGE M1000E User Manual

Page 318

Advertising
background image

10-56

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide

OL-13270-03

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication

Configuring IEEE 802.1x Authentication

Note

You cannot enable MDA or multiauth mode on the authenticator switch interface that connects to one
more supplicant switches.

For overview information, see the

“802.1x Switch Supplicant with Network Edge Access Topology

(NEAT)” section on page 10-30

.

Note

The cisco-av-pairs must be configured as device-traffic-class=switch on the ACS, which sets the
interface as a trunk after the supplicant is successfuly authenticated.

Beginning in privileged EXEC mode, follow these steps to configure a switch as an authenticator:

This example shows how to configure a switch as an 802.1x authenticator:

Switch# configure terminal

Switch(config)# cisp enable

Switch(config)# interface gigabitethernet2/0/1

Switch(config-if)# switchport mode access

Switch(config-if)# authentication port-control auto

Switch(config-if)# dot1x pae authenticator

Switch(config-if)# spanning-tree portfast trunk

Beginning in privileged EXEC mode, follow these steps to configure a switch as a supplicant:

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

cisp enable

Enable CISP.

Step 3

interface interface-id

Specify the port to be configured, and enter interface configuration
mode.

Step 4

switchport mode access

(Optional) Set the port mode to access.

Step 5

authentication port-control auto

Set the port-authentication mode to auto.

Step 6

dot1x pae authenticator

Configure the interface as a port access entity (PAE) authenticator.

Step 7

spanning-tree portfast

Enable Port Fast on an access port connected to a single workstation or
server..

Step 8

end

Return to privileged EXEC mode.

Step 9

show running-config interface
interface-id

Verify your configuration.

Step 10

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

cisp enable

Enable CISP.

Step 3

dot1x credentials profile

Create 802.1x credentials profile. This must be attached to the port that
is configured as supplicant.

Step 4

username suppswitch

Create a username.

Advertising
Popular Brands
Popular manuals