Chapter 46
Configuring 802.1X Port-Based Authentication
Configuring 802.1X Port-Based Authentication
Figure 46-12
shows how members of the group you are configuring are denied all access to the
10.100.60.0 subnet, are denied HTTP access to the server at 10.100.10.116, and are permitted
everywhere else.
Figure 46-12
Define the ACEs for the Per-User ACL
Note
Outbound ACLs (OUTACL) are not supported.
Filter-Id Configuration in ACS
In the Group/User Setting page, scroll down to the IETF RADIUS Attributes section. Select the box next
to Filter-Id and enter the ACL to apply for members of this group (Figure 46-13).
The Filter-Id ia in this format:
ACL_#.in
Number of the ACL that was previously configured on the switch
ACL
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
46-49
OL_28731-01