Table of Contents
Advertisement
Bootstrap Cisco Secure ACS
Enable the authentication method that best supports the 802.1x functionality that you want to enable.
•
This option is selected in the Using Authentication box.
Enable logging of watchdog packets, interim updates. Select the Log Update/Watchdog Packets
•
from this AAA Client check box. This option ensures that interim updates are sent from the
Cisco Secure ACS to MARS.
To enable 802.1x logging support, the following configuration must also be completed.
Ensure DHCP snooping is enabled on each network access device that you plan to define as an
•
802.1x client in MARS
The attack path can not be calculated for a NAC 802.1x security incident when the events triggering the
Note
incident are reported to the MARS Appliance by Cisco Secure ACS. However, the MARS Appliance
knows the switch port to block so you can mitigate without the attack path.
Figure 14-1
Figure 14-1
For more information on defining AAA clients, see the following URL:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a00
802335ef.html#wp342084
User Guide for Cisco Security MARS Local Controller
14-6
displays example settings for such a client.
Configure a AAA Client to Support 802.1x
Chapter 14
Configuring AAA Devices
78-17020-01
Advertisement
Table of Contents
Troubleshooting
