Can anyone give greater detail on the 802.1x functionality of these switches? For example to they support multi-domain authentication, multiple radius servers and dynamic VLAN allocation. Can I canfigure inaccesible authentication bypass?
I am not an 802.1x expert but take a look at chapter 19 of admin guide and see if you still have questions: http://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbms/sf30x_sg30x/administration_guide/78-19308-01.pdf
-- please remember to rate and mark answered helpful posts --
I can tell you the Sx300 series switches do support multiple RADIUS servers and dynamic VLAN allocation.
The one setting I don't think they support will be the MDA. There are ways to setup the 802.1x on these switches so that multiple different hosts can authenticate on the same port, however it is not as specifically meant for phones as MDA seems to be. Take a look at the Administration Guide. The section covering 802.1x starts on page 381 (418 in the PDF). Read over how the multi-host authentication works, you may be able to get what you need out of that.
As for inaccessible authentication bypass, from what I have read on that feature it allows you to set certain ports as critical, meaning if the RADIUS server cannot be reached they will be allowed onto the network anyway. The Small Business switches don't have that exact feature, however you can set it up to check the RADIUS first, then the local database. You could include only your critical devices in the local database, that way if the RADIUS server fails, they would just authenticate to the switch's database, and everyone else would be rejected until the RADIUS server came back online.
Hope that helps,
Christopher Ebert - Advanced Network Support Engineer
Sx550X, Sx350X, Sx250: PSE will Supply Power to Catalyst PSE Ports
May 31, 2016
June 5, 2017
Configure Remote Network Monitoring (RMON) Events Control Settings on a Switch through the Command Line Interface (CLI)
Remote Network Monitoring (RMON) was developed by the Internet Engineering Task Force (IETF) to support...