Cisco Systems SG50028PK9NA Manual De Usuario

802.1X Configuration Through the GUI

396

Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 

The 802.1X Properties page is used to globally enable 802.1X and define how 
ports are authenticated. For 802.1X to function, it must be activated both globally 
and individually on each port.

To define port-based authentication:

Click Security > 802.1X/MAC/Web Authentication > Properties.

Enter the parameters.

•

Port-Based Authentication—Enable or disable port-based authentication.

If this is disabled 802.1X, MAC-based and web-based authentication is 
disabled.

•

Authentication Method—Select the user authentication methods. The 
options are:

-

RADIUS, None—Perform port authentication first by using the RADIUS 
server. If no response is received from RADIUS (for example, if the server 
is down), then no authentication is performed, and the session is 
permitted

. 

If the server is available but the user credentials are incorrect, 

access is denied and the session terminated.

-

RADIUS—Authenticate the user on the RADIUS server. If no 
authentication is performed, the session is not permitted.

-

None—Do not authenticate the user. Permit the session.

•

Guest VLAN—Select to enable the use of a guest VLAN for unauthorized 
ports. If a guest VLAN is enabled, all unauthorized ports automatically join 
the VLAN selected in the Guest VLAN ID field. If a port is later authorized, it 
is removed from the guest VLAN.

•

Guest VLAN ID—Select the guest VLAN from the list of VLANs.

•

Guest VLAN Timeout—Define a time period:

-

After linkup, if the software does not detect the 802.1X supplicant, or the 
authentication has failed, the port is added to the guest VLAN, only after 
the Guest VLAN timeout period has expired.