Switch Configuration

OcNOS-RON : Layer 2 Guide : Layer 2 Configuration Guide : 802.1X Configuration : Switch Configuration

Switch#configure terminal	Enter configure mode.
Switch(config)#port-security disable	Disable the port-security.
Switch(config)#dot1x system-auth-ctrl	Enable authentication globally.
Switch(config)#interface eth2	Enter interface mode.
Switch(config-if)#switchport	Enable switch port on interface.
Switch(config-if)#dot1x port-control auto	Enable authentication (via Radius) on port (eth2).
Switch(config-if)#exit	Exit interface mode.
Switch(config)#interface eth1	Enter interface mode.
Switch(config-if)#dot1x port-control auto	Enable authentication (via Radius) on port (eth1).
Switch(config-if)#exit	Exit interface mode.
Switch(config)#radius-server dot1x host 192.126.12.1 auth-port 1812	Specify the Radius Server address (192.126.12.1) and port.
Switch(config)#radius-server dot1x host 192.126.12.1 key 0 testing124	Specify the host IP and key with string name between radius server and client.
Switch(config)#interface eth3	Enter interface mode.
Switch(config-if)#ip address 192.126.12.2/24	Set the IP address on interface eth3.

Validation

#show dot1x all

802.1X Port-Based Authentication Enabled

RADIUS server address: 192.168.1.1:60000

Next radius message id: 147

RADIUS client address: not configured

802.1X info for interface eth1

portEnabled: true - portControl: Auto

portStatus: Unauthorized - currentId: 29

protocol version: 2

reAuthenticate: disabled

reAuthPeriod: 3600

abort:F fail:F start:F timeout:F success:F

PAE: state: Connecting - portMode: Auto

PAE: reAuthCount: 1 - rxRespId: 0

PAE: quietPeriod: 60 - reauthMax: 2 - txPeriod: 30

BE: state: Idle - reqCount: 0 - idFromServer: 0

BE: suppTimeout: 30 - serverTimeout: 30

CD: adminControlledDirections: in - operControlledDirections: in

CD: bridgeDetected: false

KR: rxKey: false

KT: keyAvailable: false - keyTxEnabled: false

802.1X info for interface eth2