Showing results for 
Search instead for 
Did you mean: 

How to configure the 802.1x MDA on the Catalyst 4500 series switches


Core issue


The Multi-Domain Authentication (MDA) provides enhanced security for IP phone deployments. This allows an IP phone, either a Cisco or a third-party phone, and a single host behind the IP phone to independently authenticate with 802.1x.


What is 802.1x?

  • 802.1x is an IEEE standard for wireless networks. 802.1x is different than 802.11
  • The 802.1x standard enables an effective framework for authenticating and controlling user traffic to a protected network. 802.1x allows wireless services to have centralized authentication of wireless users or stations. 802.1x ties a protocol called Extensible Authentication Protocol (EAP) to the wireless local area network (WLAN) media.



The MDA is currently not supported on the Catalyst 4500 platform. This feature is only available on the 3560/3750 switches at this time with Cisco IOS  Software Release 12.2(35)SE.

The Catalyst 4500 supports this feature in the future Cisco IOS Software Release 12.2(37)SG.


In order to configure the MDA on the Catalyst 3560 switch with Cisco IOS Software Release 12.2.35 SE, refer to this configuration example: 


     Switch(config)#interface gigabitethernet0/1
     Switch(config-if)#dot1x port-control auto
     Switch(config-if)#dot1x host-mode multi-domain
     Switch(config-if)#switchport voice vlan 101

Refer to the Using Multidomain Authentication section of Configuring IEEE 802.1x Port-Based Authentication for more information.