PKI applications ··················································································································································· 386
Creating a PKI entity ···················································································································································· 388
Creating a PKI domain ················································································································································ 390
Generating an RSA key pair······································································································································· 393
Destroying the RSA key pair ······································································································································· 394
Requesting a local certificate ······································································································································ 396
Retrieving and displaying a CRL ································································································································ 398
PKI configuration example ·········································································································································· 399
Configuration guidelines ············································································································································· 403
Configuring MAC authentication ··························································································································· 404
Overview ······································································································································································· 404
User account policies ·········································································································································· 404
Authentication methods······································································································································· 404
MAC authentication timers ································································································································· 405
VLAN assignment ················································································································································ 405
ACL assignment ··················································································································································· 405
Auth-Fail VLAN ···················································································································································· 405
Configuration prerequisites ········································································································································· 406
Configuring port security ········································································································································ 421
Overview ······································································································································································· 421
Port security features ··········································································································································· 421
Port security modes ············································································································································· 421
Configuration guidelines ············································································································································· 423
Configuring permitted OUIs ········································································································································ 429
Configuring port isolation ······································································································································· 440
Configuring the isolation group ·································································································································· 440
Configuring authorized IP ······································································································································ 443
Configuration procedure ············································································································································· 443
Network requirements ········································································································································· 444
Configuration procedure ···································································································································· 444
Downloaded from
www.Manualslib.com
manuals search engine
ix