Cisco Catalyst 2975 Software Configuration Manual page 313
Ios release 12.2(55)se
Hide thumbs
Also See for Catalyst 2975:
- Hardware installation manual (62 pages) ,
- Brochure (19 pages) ,
- Getting started manual (17 pages)
Table of Contents
Advertisement
Chapter 10
Configuring IEEE 802.1x Port-Based Authentication
Command
Step 3
interface interface-id
Step 4
ip access-group acl-id in
Step 5
exit
Step 6
aaa new-model
Step 7
aaa authorization network default
group radius
Step 8
ip device tracking
Step 9
ip device tracking probe [count |
interval | use-svi]
Step 10
radius-server vsa send authentication Configures the network access server to recognize and use vendor-specific
Step 11
end
Step 12
show ip device tracking all
Step 13
copy running-config startup-config
This example shows how to configure a switch for a downloadable policy:
Switch# config terminal
Enter configuration commands, one per line.
Switch(config)# aaa new-model
Switch(config)# aaa authorization network default group radius
Switch(config)# ip device tracking
Switch(config)# ip access-list extended default_acl
Switch(config-ext-nacl)# permit ip any any
Switch(config-ext-nacl)# exit
Switch(config)# radius-server vsa send authentication
Switch(config)# interface gigabitethernet2/0/1
Switch(config-if)# ip access-group default_acl in
Switch(config-if)# exit
OL-19720-02
Purpose
Enter interface configuration mode.
Configure the default ACL on the port in the input direction.
The acl-id is an access list name or number.
Note
Returns to global configuration mode.
Enables AAA.
Sets the authorization method to local. To remove the authorization
method, use the no aaa authorization network default group radius
command.
Enables the IP device tracking table.
To disable the IP device tracking table, use the no ip device tracking
global configuration commands.
(Optional) Configures the IP device tracking table:
count count—Sets the number of times that the switch sends the ARP
•
probe. The range is from 1 to 5. The default is 3.
•
interval interval—Sets the number of seconds that the switch waits
for a response before resending the ARP probe. The range is from 30
to 300 seconds. The default is 30 seconds.
use-svi—Uses the switch virtual interface (SVI) IP address as source
•
of ARP probes.
attributes.
The downloadable ACL must be operational.
Note
Returns to privileged EXEC mode.
Displays information about the entries in the IP device tracking table.
(Optional) Saves your entries in the configuration file.
End with CNTL/Z.
Catalyst 2975 Switch Software Configuration Guide
Configuring 802.1x Authentication
10-63
- Quick Links:
- Management Options
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
