0. First make you have a working FreeRadius server running and all is jolly. For details, see my previous post “To configure a freeradius server for a cisco switch”.
1. On the FreeRadius server, add a Dot1X Port-user in /etc/freeradius/users :
# IEEE802.1x user credentials
portuser Cleartext-Password := “test123”
Reply-Message = “Hello, %u”
Restart the daemon and start snoop port UDP.1812 for good measure.
3. On your Cisco Switch, add the Dot1X Authentication service to your Radius Servers:
(config) # aaa authentication dot1x default group radius
And of course tell the switch port to use Dot1X. Be aware that this is only used on Access Ports!
switchport access vlan 20
switchport mode access
dot1x pae authenticator
dot1x port-control auto
4. Connect your OS as supplicant. (=client)
On OSX this works straight out of the box, for Linux you have to create a Supplicant file.