Cisco Cisco Gigabit Ethernet Switch Module (CGESM) for HP Technical References
2-3
Cisco Gigabit Ethernet Switch Module for the HP p-Class BladeSystem Command Reference Guide
380265-002
Chapter 2 CGESM Switch Cisco IOS Commands
aaa authentication dot1x
aaa authentication dot1x
Use the aaa authentication dot1x global configuration command to specify the authentication,
authorization, and accounting (AAA) method to use on ports complying with IEEE 802.1x. Use the no
form of this command to disable authentication.
authorization, and accounting (AAA) method to use on ports complying with IEEE 802.1x. Use the no
form of this command to disable authentication.
aaa authentication dot1x {default} method1
no aaa authentication dot1x {default}
Syntax Description
Note
Though other keywords are visible in the command-line help strings, only the default and group radius
keywords are supported.
keywords are supported.
Defaults
No authentication is performed.
Command Modes
Global configuration
Command History
Usage Guidelines
The method argument identifies the method that the authentication algorithm tries in the given sequence
to validate the password provided by the client. The only method that is truly IEEE 802.1x-compliant is
the group radius method, in which the client data is validated against a RADIUS authentication server.
to validate the password provided by the client. The only method that is truly IEEE 802.1x-compliant is
the group radius method, in which the client data is validated against a RADIUS authentication server.
If you specify group radius, you must configure the RADIUS server by entering the radius-server host
global configuration command.
global configuration command.
Use the show running-config privileged EXEC command to display the configured lists of
authentication methods.
authentication methods.
Examples
This example shows how to enable AAA and how to create an IEEE 802.1x-compliant authentication
list. This authentication first tries to contact a RADIUS server. If this action returns an error, the user is
not allowed access to the network.
list. This authentication first tries to contact a RADIUS server. If this action returns an error, the user is
not allowed access to the network.
Switch(config)# aaa new-model
Switch(config)# aaa authentication dot1x default group radius
You can verify your settings by entering the show running-config privileged EXEC command.
default
Use the listed authentication method that follows this argument as the default
method when a user logs in.
method when a user logs in.
method1
Enter the group radius keywords to use the list of all RADIUS servers for
authentication.
authentication.
Release
Modification
12.2(25)SE1
This command was introduced.