Cisco 3020 - Catalyst Blade Switch Release Note page 20

Release notes for the cisco catalyst blade switch 3020 for hp, cisco ios release 12.2(35)se and later

Hide thumbs Also See for 3020 - Cisco Catalyst Blade Switch:

Command reference manual (744 pages)

Configuration manual (712 pages)

Release note (54 pages)

Table Of Contents

Table of Contents

Documentation Updates

When you configure one end of an EtherChannel in either PAgP or LACP mode, the system negotiates

with the other end of the channel to determine which ports should become active. In previous releases,

the incompatible ports were suspended. Beginning with Cisco IOS Release , instead of a suspended state,

the local port is put into an independent state and continues to carry data traffic as would any other single

link. The port configuration does not change, but the port does not participate in the EtherChannel.

Update to the "Configuring IEEE 802.1x chapter

These sections were added to the "Configuring IEEE 802.1x" chapter:

Using Web Authentication

You can use a web browser to authenticate a client that does not support IEEE 802.1x functionality.

You can configure a port to use only web authentication. You can also configure the port to first try and

use IEEE 802.1x authentication and then to use web authorization if the client does not support

IEEE 802.1x authentication.

Web authentication requires two Cisco Attribute-Value (AV) pair attributes:

•

Note

For more information, see the

Configuring Web Authentication

Beginning in privileged EXEC mode, follow these steps to configure authentication, authorization,

accounting (AAA) and RADIUS on a switch before configuring web authentication. The steps enable

AAA by using RADIUS authentication and enable device tracking.

Command

Step 1

configure terminal

Step 2

aaa new-model

Release Notes for the Cisco Catalyst Blade Switch 3020 for HP, Cisco IOS Release 12.2(35)SE and Later

The first attribute,

priv-lvl=15

who is logging into the switch.

The second attribute is an access list to be applied for web authenticated hosts. The syntax is similar

to IEEE 802.1X per-user ACLs. However, instead of

, and the

proxyacl

source

address replaces the

field when the ACL is applied.)

any

For example:

proxyacl# 10=permit ip any 10.0.0.0 255.0.0.0

proxyacl# 20=permit ip any 11.1.0.0 255.255.0.0

proxyacl# 30=permit udp any any eq syslog

proxyacl# 40=permit udp any any eq tftp

The proxyacl entry determines the type of allowed network access.

, must always be set to 15. This sets the privilege level of the user

field in each entry must be

"Configuring Web Authentication" section on page

Purpose

Enter global configuration mode.

Enable AAA.

, this attribute must begin with

ip:inacl

. (After authentication, the client IP

any

20.

OL-8918-03

Table of Contents

Cisco 3020 - Catalyst Blade Switch Release Note page 20

Related Manuals for Cisco 3020 - Cisco Catalyst Blade Switch

Related Products for Cisco 3020 - Cisco Catalyst Blade Switch

Table of Contents