Difference between revisions of "Netband Project - 802.1x"
From Teknologisk videncenter
m (→External Links) |
|||
Line 45: | Line 45: | ||
<br> | <br> | ||
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO#Configuration_of_eap.conf | http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO#Configuration_of_eap.conf | ||
+ | [[Category:network]][[Category:CCNP]][[category:students]] |
Revision as of 08:21, 2 May 2009
This page is part of the Netband Project
- provides accesscontrol at the switchport
- Consists of
- Auhtenticator
- The device that handles the authentication on behalf of the clients
- Supplicant(client)
- The clients conencting to the network
- Authentication server
- Radius server
- Auhtenticator
Configuration
- Allows only one host on a switchport
- The host must be authenticated before normal traffic will be allowed through the switchport
- The host must be 802.1x compatible
aaa new-model ! dot1x system-auth-control ! aaa authentication dot1x default group Hq_radius_server ! aaa group server radius Hq_radius_server server 10.1.1.11 auth-port 1645 acct-port 1646 ! radius-server key ciscodisco
- 12.2(46)SE and earlier
interface FastEthernet0/10 dot1x port-control auto dot1x host-mode single-host dot1x violation-mode protect
- 12.2(50)SE or later
interface FastEthernet0/10 authentication port-control auto authentication host-mode single-host authentication violation protect
External Links
802.1x 12.2(46)SE
802.1x 12.2(50)SE
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO#Configuration_of_eap.conf