Multiple hosts can be attached to a single 802.1x-enabled port. In
this mode, only one of the attached hosts must be successfully authorized for
all hosts to be granted network access. If the port becomes unauthorized, such
as in the case that re-authentication fails or an EAPOL-logoff message is
received, all attached clients are denied access to the network.
Beginning in privileged EXEC mode, follow these steps to allow multiple
hosts on an 802.1x-authorized port that has the dot1x
port-control interface configuration command set to
auto. The commands used in this process are shown in Figure
.
Step 1 Enter global configuration mode.
Step 2 Enter interface configuration mode, and specify the
interface to which multiple hosts are indirectly attached.
Step 3 Allow multiple hosts on an 802.1x-authorized port
with the dot1x multiple-hosts command. Make sure that the
dot1x port-control interface configuration command set is
set to auto for the specified interface.
Step 4 Return to privileged EXEC mode.
Step 5 Verify the configuration with the show dot1x
interface interface-id command.
To disable
multiple hosts on the port, use the no dot1x multiple-hosts
interface configuration command.
The example in Figure
shows
how to enable 802.1x on FastEthernet interface 0/1 and to allow multiple
hosts.