8-6
Catalyst 2940 Switch Software Configuration Guide
78-15507-02
Chapter8 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Authentication
Configuring 802.1X Authentication
These sections describe how to configure 802.1X port-based authentication on your switch:
• Default 802.1X Configuration, page 8-6
• 802.1X Configuration Guidelines, page 8-8
• Upgrading from a Previous Software Release, page 8-8
• Enabling 802.1X Authentication, page 8-9 (required)
• Configuring the Switch-to-RADIUS-Server Communication, page 8-10 (required)
• Enabling Periodic Re-Authentication, page 8-11 (optional)
• Manually Re-Authenticating a Client Connected to a Port, page 8-12 (optional)
• Changing the Quiet Period, page 8-12 (optional)
• Changing the Switch-to-Client Retransmission Time, page 8-13 (optional)
• Setting the Switch-to-Client Frame-Retransmission Number, page 8-14 (optional)
• Configuring the Host Mode, page 8-14 (optional)
• Resetting the 802.1X Configuration to the Default Values, page 8-15 (optional)
Default 802.1X Configuration
Table 8-1 shows the default 802.1X configuration.
Table 8-1 Default 802.1X Configuration
Feature Default Setting
Authentication, authorization, and
accounting (AAA)
Disabled.
RADIUS server
• IP address
• UDP authentication port
• Key
• None specified.
• 1812.
• None specified.
Switch 802.1X enable state Disabled.
Per-interface 802.1X enable state Disabled (force-authorized).
The port sends and receives normal traffic without
802.1X-based authentication of the client.
Periodic re-authentication Disabled.
Number of seconds between
re-authentication attempts
3600 seconds.
Quiet period 60 seconds (number of seconds that the switch remains in
the quiet state following a failed authentication exchange
with the client).
