Table of Contents
Advertisement
336
C
13: C
HAPTER
ONFIGURING
General Use of
Network User
Commands
WX1200# set authentication dot1x ssid mycorp EXAMPLE\* pass-through shorebirds
WX1200# set accounting dot1x ssid mycorp EXAMPLE\* stop-only local
success: change accepted.
WX1200# display security acl info acl-101
set security acl ip acl-101 (hits #0 0)
----------------------------------------------------
1. permit IP source IP 192.168.1.1 0.0.0.255 destination IP any enable-hits
AAA
N
FOR
ETWORK
The following example illustrates how to configure IEEE 802.1X network
users for authentication, accounting, ACL filtering, and Mobility Profile
assignment:
1 Configure all 802.1X users of SSID mycorp at EXAMPLE to be
authenticated by server group shorebirds. Type the following command:
2 Configure stop-only accounting for all mycorp users at EXAMPLE, for
accounting records to be stored locally. Type the following command:
3 Configure an ACL to filter the inbound packets for each user at
EXAMPLE. Type the following command for each user: <<syntax valid?>>
WX1200# set user EXAMPLE\username attr filter-id = acl-101.in
This command applies the access list named acl-101 to each user at
EXAMPLE.
4 To display the ACL, type the following command:
(For more information about ACLs, see Chapter 11, "Configuring and
Managing Security ACLs," on page 231.)
5 Create a Mobility Profile called tulip by typing the following commands:
WX1200# set mobility-profile name tulip port 2,5
success: change accepted.
WX1200# set mobility-profile mode enable
success: change accepted.
WX1200# display mobility-profile
Mobility Profiles
Name
=========================
tulip
6 To assign Mobility Profile tulip to all users at EXAMPLE, type the following
command for each EXAMPLE\ user:
WX1200# set user EXAMPLE\username attr mobility-profile tulip
U
SERS
Ports
AP 2
AP 5
Advertisement
Table of Contents
