1. Главная
2. Ferds Tech Channel

How to Configure MAB as a Fallback on a Cisco IOS Switch | 802.1X | dot1x | Step by Step

⌚ TIMESTAMPS
0:00 Introduction
1:02 Global Configurations
2:51 Interface Configurations
5:25 Verification
6:32 Conclusion

Global Configurations
config t
!enable AAA.
aaa new-model
!create an 802.1x authentication method list.
aaa authentication dot1x default group radius
!configure the switch to use user-RADIUS authorization for all network-related service requests, such as per-user ACLs or VLAN assignment.
aaa authorization network default group radius
!define the server.
radius server RADIUS_SERVER
address ipv4 10.10.10.2 auth-port 1812 acct-port 1813
key radiuspass
exit
!enable IEEE 802.1x authentication globally on the switch.
dot1x system-auth-control


Interface Configurations
interface GigabitEthernet 0/0
!no need to configure port security as it is redundant.
no switchport port-security
!
switchport access vlan 30
!configure the port as an access mode to support dot1x.
switchport mode access
!enable the port to respond to messages meant for an IEEE 802.1x authenticator.
dot1x pae authenticator
!allow one authentication on a voice VLAN and multiple authentications on the data VLAN.
authentication host-mode multi-auth
!authentication starts when the link state changes from down to up.
authentication port-control auto
!configure MAB as a fallback in case dot1x fails.
authentication order dot1x mab
!enble MAB.
mab
!configure authentication priority.
authentication priority dot1x mab
!
exit
!
wr

Verification

1. show dot1x all statistics - Displays 802.1x statistics for all ports
2. show dot1x interface g0/0 statistics - Displays 802.1x statistics for a specific port
3. show dot1x all [count | details | statistics | summary] - Displays the 802.1x administrative and operational status for a switch
4. show dot1x interface g0/0 - Displays the 802.1x administrative and operational status for a specific port
5. show dot1x all summary
6. show authentication sessions


🔔 Subscribe to my YouTube channel:
   / @ferdsthenetworkguy  

Facebook Page:   / ferdsthenetworkguy  

📃Playlist of all my videos on 802.1X:
   • 802.1X  


References:
https://www.cisco.com/c/en/us/td/docs...
https://www.cisco.com/c/en/us/td/docs...
https://www.ciscozine.com/802-1x-inte...
https://www.ciscozine.com/dot1x-globa...
https://community.cisco.com/t5/wirele...
https://www.cisco.com/c/en/us/td/docs...

Document: https://docs.google.com/document/d/12...

#cisco #ccna #ccnp #ccie

play_arrow

688

1

Service Catalog Update Process Automation - ServiceNow Connector for UiPath

play_arrow

35

8

Apa Itu Halving Bitcoin? Bisa Bikin Bitcoin Jadi Makin Langka ?

play_arrow

125,569

3.7 тыс

⚡️Дмитрий Потапенко⚡️ПУТИН ПРОТИВ НАДЕЖДИНА. БУМ КРЕДИТОВ. ​⁠

play_arrow

39

0

Task 6: Create the Decision Tree classifier and visualize it graphically.

play_arrow

417

10

№23 Упражнение для группы букв: ЗХЪ. Клавиатурный нейротренажёр Андреева

play_arrow

5,087

39

Armlifting battle. Apollon Axle 150 kg. 50 mm barbell.

play_arrow

127

19

Песня Клип про СУПЕР КОТ И ЛЕДИ БАГ rasa ПАРОДИЯ ! 4 СЕЗОН ВСЕ СЕРИИ В НЬЮ ЙОРКЕ 100%

play_arrow

1,148

58

This Design Trick Changed EVERYTHING! 😱 | Adobe Illustrator | Object On Path