EasyManuals Logo

Cisco 3750G - Catalyst Integrated Wireless LAN Controller User Manual

Cisco 3750G - Catalyst Integrated Wireless LAN Controller
1204 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #234 background imageLoading...
Page #234 background image
9-30
Catalyst 3750 Switch Software Configuration Guide
OL-8550-02
Chapter 9 Configuring Switch-Based Authentication
Controlling Switch Access with RADIUS
This example shows how to provide a user logging in from a switch with immediate access to privileged
EXEC commands:
cisco-avpair= ”shell:priv-lvl=15“
This example shows how to specify an authorized VLAN in the RADIUS server database:
cisco-avpair= ”tunnel-type(#64)=VLAN(13)”
cisco-avpair= ”tunnel-medium-type(#65)=802 media(6)”
cisco-avpair= ”tunnel-private-group-ID(#81)=vlanid”
This example shows how to apply an input ACL in ASCII format to an interface for the duration of this
connection:
cisco-avpair= “ip:inacl#1=deny ip 10.10.10.10 0.0.255.255 20.20.20.20 255.255.0.0”
cisco-avpair= “ip:inacl#2=deny ip 10.10.10.10 0.0.255.255 any”
cisco-avpair= “mac:inacl#3=deny any any decnet-iv”
This example shows how to apply an output ACL in ASCII format to an interface for the duration of this
connection:
cisco-avpair= “ip:outacl#2=deny ip 10.10.10.10 0.0.255.255 any”
Other vendors have their own unique vendor-IDs, options, and associated VSAs. For more information
about vendor-IDs and VSAs, see RFC 2138, “Remote Authentication Dial-In User Service (RADIUS).”
Beginning in privileged EXEC mode, follow these steps to configure the switch to recognize and use
VSAs:
For a complete list of RADIUS attributes or more information about vendor-specific attribute 26, see the
“RADIUS Attributes” appendix in the Cisco IOS Security Configuration Guide, Release 12.2.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
radius-server vsa send [accounting |
authentication]
Enable the switch to recognize and use VSAs as defined by RADIUS IETF
attribute 26.
(Optional) Use the accounting keyword to limit the set of recognized
vendor-specific attributes to only accounting attributes.
(Optional) Use the authentication keyword to limit the set of
recognized vendor-specific attributes to only authentication attributes.
If you enter this command without keywords, both accounting and
authentication vendor-specific attributes are used.
Step 3
end Return to privileged EXEC mode.
Step 4
show running-config Verify your settings.
Step 5
copy running-config startup-config (Optional) Save your entries in the configuration file.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 3750G - Catalyst Integrated Wireless LAN Controller and is the answer not in the manual?

Cisco 3750G - Catalyst Integrated Wireless LAN Controller Specifications

General IconGeneral
Switching Capacity32 Gbps
RAM128 MB
Flash Memory32 MB
Power DeviceInternal power supply
Ports48 x 10/100/1000 + 4 x SFP
Performance38.7 Mpps
Wireless LAN Controller Capacity50
StackingYes
FeaturesVLAN support, QoS
Compliant StandardsIEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3z
Operating Humidity10% to 85% non-condensing
Power over Ethernet (PoE)Yes (optional)

Related product manuals