ii
Access control methods ········································································································································ 74
Using 802.1X authentication with other features ······························································································ 74
Configuration prerequisites ··········································································································································· 79
802.1X configuration task list ······································································································································· 79
Enabling 802.1X ···························································································································································· 80
Configuration guidelines ······································································································································ 80
Configuration procedure ······································································································································ 80
Enabling EAP relay or EAP termination ······················································································································· 80
Setting the port authorization state ······························································································································ 81
Specifying an access control method ·························································································································· 82
Setting the maximum number of concurrent 802.1X users on a port ······································································· 82
Setting the maximum number of authentication request attempts ············································································· 82
Setting the 802.1X authentication timeout timers ······································································································· 83
Configuring the online user handshake function ········································································································ 83
Configuration guidelines ······································································································································ 84
Configuration procedure ······································································································································ 84
Configuring the authentication trigger function ·········································································································· 84
Configuration guidelines ······································································································································ 84
Configuration procedure ······································································································································ 85
Specifying a mandatory authentication domain on a port ························································································ 85
Configuring the quiet timer ··········································································································································· 85
Enabling the periodic online user re-authentication function ····················································································· 86
Configuration guidelines ······································································································································ 86
Configuration procedure ······································································································································ 86
Configuring an 802.1X guest VLAN ··························································································································· 87
Configuration guidelines ······································································································································ 87
Configuration prerequisites ·································································································································· 87
Configuration procedure ······································································································································ 87
Configuring an 802.1X Auth-Fail VLAN ······················································································································ 88
Configuration guidelines ······································································································································ 88
Configuration prerequisites ·································································································································· 88
Configuration procedure ······································································································································ 88
Configuring an 802.1X critical VLAN ························································································································· 89
Configuration guidelines ······································································································································ 89
Configuration prerequisites ·································································································································· 89
Configuration procedure ······································································································································ 89
Specifying supported domain name delimiters ··········································································································· 90
Displaying and maintaining 802.1X ··························································································································· 90
802.1X authentication configuration example ··········································································································· 90
Network requirements ··········································································································································· 90
Configuration procedure ······································································································································ 91
Verifying the configuration ··································································································································· 93
802.1X with guest VLAN and VLAN assignment configuration example ······························································· 93
Network requirements ··········································································································································· 93
Configuration procedure ······································································································································ 94
Verifying the configuration ··································································································································· 95
802.1X with ACL assignment configuration example ······························································································· 96
Network requirements ··········································································································································· 96
Configuration procedure ······································································································································ 96
Verifying the configuration ··································································································································· 97
Configuring EAD fast deployment ···························································································································· 98
Overview ········································································································································································· 98
Free IP ····································································································································································· 98
URL redirection ······················································································································································· 98