Lenovo CN4093 Application Manual page 5
10gb converged scalable switch
Hide thumbs
Also See for CN4093:
- Application manual (634 pages) ,
- Installation manual (72 pages) ,
- User manual (58 pages)
Table of Contents
Advertisement
© Copyright Lenovo 2015
Chapter 5. Authentication & Authorization Protocols . . . . . . . . . 83
RADIUS Authentication and Authorization . . . . . . . . . . . . . . . .84
How RADIUS Authentication Works . . . . . . . . . . . . . . . . .84
Configuring RADIUS on the Switch . . . . . . . . . . . . . . . . . .85
RADIUS Authentication Features in Lenovo N/OS. . . . . . . . . . . .85
Switch User Accounts . . . . . . . . . . . . . . . . . . . . . . . .86
RADIUS Attributes for Lenovo N/OS User Privileges . . . . . . . . . .87
TACACS+ Authentication . . . . . . . . . . . . . . . . . . . . . . . .88
How TACACS+ Authentication Works. . . . . . . . . . . . . . . . .88
TACACS+ Authentication Features in Lenovo N/OS . . . . . . . . . . .89
Authorization . . . . . . . . . . . . . . . . . . . . . . . . . .89
Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . .90
Command Authorization and Logging . . . . . . . . . . . . . . . . .91
TACACS+ Password Change . . . . . . . . . . . . . . . . . . . . .92
Configuring TACACS+ Authentication on the Switch . . . . . . . . . .92
LDAP Authentication and Authorization . . . . . . . . . . . . . . . . .93
Configuring the LDAP Server. . . . . . . . . . . . . . . . . . . . .93
Configuring LDAP Authentication on the Switch . . . . . . . . . . . .94
Chapter 6. 802.1X Port-Based Network Access Control . . . . . . . . 95
Extensible Authentication Protocol over LAN . . . . . . . . . . . . . . .96
EAPoL Authentication Process . . . . . . . . . . . . . . . . . . . .97
EAPoL Message Exchange . . . . . . . . . . . . . . . . . . . . . .98
EAPoL Port States . . . . . . . . . . . . . . . . . . . . . . . . . .98
Guest VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
Supported RADIUS Attributes . . . . . . . . . . . . . . . . . . . . . 100
EAPoL Configuration Guidelines . . . . . . . . . . . . . . . . . . . . 102
Chapter 7. Access Control Lists . . . . . . . . . . . . . . . . . . 103
Summary of Packet Classifiers . . . . . . . . . . . . . . . . . . . . . 104
Summary of ACL Actions . . . . . . . . . . . . . . . . . . . . . . . 106
Assigning Individual ACLs to a Port . . . . . . . . . . . . . . . . . . 106
ACL Order of Precedence . . . . . . . . . . . . . . . . . . . . . . . 106
ACL Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Assigning ACL Groups to a Port . . . . . . . . . . . . . . . . . . 107
ACL Metering and Re-Marking . . . . . . . . . . . . . . . . . . . 108
Metering . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Re-Marking . . . . . . . . . . . . . . . . . . . . . . . . . . 108
ACL Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Viewing ACL Statistics . . . . . . . . . . . . . . . . . . . . . . . . 109
ACL Configuration Examples . . . . . . . . . . . . . . . . . . . . . 110
ACL Example 1 . . . . . . . . . . . . . . . . . . . . . . . . . . 110
ACL Example 2 . . . . . . . . . . . . . . . . . . . . . . . . . . 110
ACL Example 3 . . . . . . . . . . . . . . . . . . . . . . . . . . 111
VLAN Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
VMap Example . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Management ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . 114
5
Contents
Advertisement
Table of Contents
