NAC (dot1x)

A quick and dirty rip from CCO just for those who’re in a hurry:

Enabling 802.1x Authentication

To enable 802.1x port-based authentication, you must enable AAA and specify the authentication method list. A method list describes the sequence and authentication methods to be queried to authenticate a user.

The software uses the first method listed to authenticate users; if that method fails to respond, the software selects the next authentication method in the method list. This process continues until there is successful communication with a listed authentication method or until all defined methods are exhausted. If authentication fails at any point in this cycle, the authentication process stops, and no other authentication methods are attempted.

Beginning in privileged EXEC mode, follow these steps to configure 802.1x port-based authentication. This procedure is required.

SUMMARY STEPS

  1. configure terminal
  2. configure terminal
  3. aaa authentication dot1x {default | listname} method1 [method2…]
  4. interface interface-id
  5. dot1x port-control auto
  6. end
  7. show dot1x
  8. copy running-config startup-config
%d bloggers like this: