Difference between revisions of "Netband Project - 802.1x"
From Teknologisk videncenter
(→Configuration) |
(→Configuration) |
||
| Line 12: | Line 12: | ||
==Configuration== | ==Configuration== | ||
| − | + | *12.2(46)SE and earlier | |
<pre>aaa new-model | <pre>aaa new-model | ||
! | ! | ||
| Line 24: | Line 24: | ||
interface FastEthernet0/10 | interface FastEthernet0/10 | ||
dot1x port-control auto | dot1x port-control auto | ||
| + | dot1x host-mode single-host | ||
| + | dot1x violation-mode protect | ||
! | ! | ||
radius-server key ciscodisco | radius-server key ciscodisco | ||
| + | </pre> | ||
| + | *12.2(50)SE or later | ||
| + | <pre>interface FastEthernet0/10 | ||
| + | authentication port-control auto | ||
| + | authentication host-mode | ||
| + | authentication violation protect | ||
</pre> | </pre> | ||
==External Links== | ==External Links== | ||
[http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_46_se/configuration/guide/sw8021x.html 802.1x] | [http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_46_se/configuration/guide/sw8021x.html 802.1x] | ||
Revision as of 09:55, 20 April 2009
<accesscontrol>NetBand</accesscontrol> This page is part of the Netband Project
- provides accesscontrol at the switchport
- Consists of
- Auhtenticator
- The device that handles the authentication on behalf of the clients
- Supplicant(client)
- The clients conencting to the network
- Authentication server
- Radius server
- Auhtenticator
Configuration
- 12.2(46)SE and earlier
aaa new-model ! dot1x system-auth-control ! aaa authentication dot1x default group Hq_radius_server ! aaa group server radius Hq_radius_server server 10.1.1.11 auth-port 1645 acct-port 1646 ! interface FastEthernet0/10 dot1x port-control auto dot1x host-mode single-host dot1x violation-mode protect ! radius-server key ciscodisco
- 12.2(50)SE or later
interface FastEthernet0/10 authentication port-control auto authentication host-mode authentication violation protect