Cisco Catalyst 2960 Software Configuration Manual page 60
Hide thumbs
Also See for Catalyst 2960:
- Configuration manual (2288 pages) ,
- Command reference manual (800 pages) ,
- Hardware installation manual (108 pages)
Table of Contents
Advertisement
Features
Note
–
Note
–
Note
–
Note
–
–
–
–
Note
–
–
TACACS+, a proprietary feature for managing network security through a TACACS server for both
•
IPv4 and IPv6
RADIUS for verifying the identity of, granting access to, and tracking the actions of remote users
•
through authentication, authorization, and accounting (AAA) services for both IPv4 and IPv6
Enhancements to RADIUS, TACACS+, and SSH to function over IPv6.
•
Secure Socket Layer (SSL) Version 3.0 support for the HTTP 1.1 server authentication, encryption,
•
and message integrity and HTTP client authentication to allow secure HTTP communications
(requires the cryptographic version of the software)
•
IEEE 802.1x Authentication with ACLs and the RADIUS Filter-Id Attribute
•
Support for IP source guard on static hosts.
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
1-12
To use 802.1x readiness check, the switch must be running the LAN Base image.
Voice aware 802.1x security to apply traffic violation actions only on the VLAN on which a
security violation occurs.
To use voice aware 802.1x authentication, the switch must be running the LAN Base image.
MAC authentication bypass to authorize clients based on the client MAC address.
To use MAC authentication bypass, the switch must be running the LAN Base image.
Network Admission Control (NAC) Layer 2 802.1x validation of the antivirus condition or
posture of endpoint systems or clients before granting the devices network access.
For information about configuring NAC Layer 2 802.1x validation, see the
Layer 2 802.1x Validation" section on page
To use NAC, the switch must be running the LAN Base image.
Network Edge Access Topology (NEAT) with 802.1X switch supplicant, host authorization
with CISP, and auto enablement to authenticate a switch outside a wiring closet as a supplicant
to another switch.
IEEE 802.1x with open access to allow a host to access the network before being authenticated.
IEEE 802.1x authentication with downloadable ACLs and redirect URLs to allow per-user ACL
downloads from a Cisco Secure ACS server to an authenticated switch.
Support for dynamic creation or attachment of an auth-default ACL on a port that has no
configured static ACLs.
To use this feature, the switch must be running the LAN Base image.
Flexible-authentication sequencing to configure the order of the authentication methods that a
port tries when authenticating a new host.
Multiple-user authentication to allow more than one host to authenticate on an 802.1x-enabled
port.
10-60.
Chapter 1
Overview
"Configuring NAC
OL-26520-01
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
