Configure the 802.1X Authentication Method

This task specifies how the switch authenticates the credentials provided by a supplicant connected to a switch port configured as an 802.1X authenticator

You can configure local, chap-radius or eap-radius as the primary password authentication method for the port-access method. You also need to select none or authorized as a secondary, or backup, method.


aaa authentication port-access <chap-radius |eap-radius | local>

Configures local, chap-radius (MD5), or eap-radius as the primary password authentication method for port-access. The default primary authentication is local. (Refer to the documentation for your RADIUS server application.)

For switches covered in this guide, you must use the password port-access command to configure the operator user name and password for 802.1X access. See General Setup Procedure for 802.1X Access Control.


[<none | authorized>]

Provides options for secondary authentication. The none option specifies that a backup authentication method is not used. The authorized option allows access without authentication. (default: none).

To enable the switch to perform 802.1X authentication using one or more EAP-capable RADIUS servers:

802.1X (Port-Access) Authentication