802.1x & Radius Auth Example

!-----透過aaa來指定802.1x所使用的認證機制
aaa new-model
aaa authentication dot1x default group radius

!-----啟動系統的802.1x認證機制
dot1x system-auth-control

!-----在介面上啟動802.1x認證機制
interface FastEthernet0/9
switchport mode access
dot1x port-control auto
!
interface FastEthernet0/10
switchport mode access
dot1x port-control auto

!-----指定連線到Radius主機所使用的IP位址
ip radius source-interface Loopback0

!-----指定用來認證的Radius主機位址
radius-server host 204.12.1.100

驗證方式
#show dot1x
Sysauthcontrol = Enabled
Supplicant Allowed In Guest Vlan = Disabled
Dot1x Protocol Version = 1

#show dot1x all
Dot1x Info for interface FastEthernet0/9
<output omitted>
HostMode = Single
PortControl = Auto
ControlDirection = Both
QuietPeriod = 60 Seconds
Re-authentication = Disabled
<output omitted>
Dot1x Info for interface FastEthernet0/10

#show aaa servers
RADIUS: id 1, priority 1, host 204.12.1.100, auth-port 1645, acct-port
1646
State: current UP, duration 3634s, previous duration 0s