11-8. 802.1X Port Authentication
On most switches, ports are enabled by default and anyone who can plug into the port gains access to the network.
Port security using MAC addresses can control which devices can access a network on a given port but must be reconfigured if a device is moved.
802.1X provides a standard method for authorizing ports using client certificates or usernames.
802.1X uses a RADIUS server to provide authorization of a port for use.
Until an 802.1X port is authorized, it cannot be used to pass user traffic.
In 802.1X, the switch acts as a proxy between the client and the server to pass authentication information.
Configuration
To configure 802.1X port authentication, use the following steps.
1. | Enable 802.1X authentication globally: ... |
Get Cisco® Field Manual: Catalyst® Switch Configuration now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.