Configuring the 802.1X authentication method

This task specifies how the switch authenticates the credentials provided by a supplicant connected to a switch port configured as an 802.1X authenticator.


aaa authentication port-access <chap-radius|eap-radius|local>

Configures local, chap-radius, or eap-radius as the primary password authentication method for port-access. The default primary authentication is local. (See the documentation for your RADIUS server application.)

For switches covered in this guide, you must use the password port-access command to configure the operator username and password for 802.1X access.


Provides options for secondary authentication. The none option specifies that a backup authentication method is not used. The authorized option allows access without authentication. (default: none).

To enable the switch to perform 802.1X authentication using one or more EAP-capable RADIUS servers:

802.1X (port-access) authentication