Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

802.1x authentication

Hi

I dont understand what i the following commands do, can someone please let me know

 

authentication control-direction in
 authentication event fail action authorize vlan 100
 authentication event server dead action authorize vlan 140
 authentication event server alive action reinitialize
 authentication host-mode multi-domain
 authentication open
 authentication order dot1x mab
 authentication priority dot1x mab
 authentication port-control auto
 authentication periodic
 authentication timer reauthenticate server
 authentication violation restrict

 

Thanks

 

Regards,

 

 

1 REPLY

HI, (config-if)

HI,

 

(config-if)#authentication control-direction in
this command is used to change the port control to unidirectional(means in one direction) or  or bidirectional(means in both direction).
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/53SG/command/reference/cmdref/ch2a_ins.html#wp1712844

(config-if)#authentication open
it enables access to a port so as to allow clients or devices to gain network access before authentication
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-xe-3se-3850-cr-book/sec-a1-xe-3se-3850-cr-book_chapter_010.html

(config-if)#authentication periodic
it enables or disables reauthentication on a port

(config-if)#authentication timer reauthentication
helps to configure the amount of timebetween periodic re-authentication attempts
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_52_se/command/reference/3750cr/cli1.html#wpmkr11888284

(config-if)#authentication port-control auto
this command causes the port to begin in a unauthorised state
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/53SG/command/reference/cmdref/ch2a_ins.html

(config-if)#authentication host-mode multi-domain
Allows one client on the voice vlan and multiple authenticated clients on the data vlans
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_8021x/configuration/15-2mt/sec-ieee-mda.html

(config-if)#authentication event server alive action reinitialize
it reinitialize an authorized session when a previously unreachable AAA server becomes available

(config-if)#authentication event server dead action authorize
to authorize auth manager sessions when AAA server becomes unreachable 
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-xe-3se-3850-cr-book/sec-a1-xe-3se-3850-cr-book_chapter_010.html

(config-if)#authentication violation restrict
helps to change the port to restricted mode when a new device connects by generating a system error message.
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/security/command_reference/b_sec_152ex_2960-x_cr/b_sec_152ex_2960-x_cr_chapter_010.html

 

Regards

Aateek singh

Network Engineer

Spooster IT Services

111
Views
0
Helpful
1
Replies