CLI Guide

Table Of Contents
Security Commands 930
ias
Use the internal authentication server user database for authentication.
This method cannot be used in conjunction with any other method.
none—Do not use
any authentication.
radius
Use the configured RADIUS server(s) for authentication.
Default Configuration
No default authentication method is defined, however, switch administrators
are allowed access to the switch console via 802.1X. Use the
dot1x user
command to restrict the ports over which users (or switch administrators)
may authenticate.
Command Mode
Global Configuration mode
User Guidelines
Only one default method may be configured. If the authentication method
fails, for example, the user-supplied password does not match, the user is
denied access.
For the RADIUS authentication method, if no RADIUS server can be
contacted, the supplicant fails authentication unless a critical voice or data
VLAN is configured.
The none method always allows access to the network and should therefore
be used with caution.
The ias method utilizes the internal authentication server for authentication.
Configure the ias database with the aaa ias-user command. Authentication
via the internal authentication server only supports the EAP-MD5 method.
Command History
Syntax updated in version 6.6 firmware.
Example
The following example configures 802.1x authentication to use no
authentication. Absent any other configuration, this command allows all
802.1x users to pass traffic through the switch.