EasyManua.ls Logo

Cisco 7604

Cisco 7604
1011 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
45-14
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 45 Configuring Network Admission Control
Configuring NAC
Step 4
Router(config)# access-list
access_list_number
{deny | permit}
source
[
source_wildcard
] [log]
Defines an ACL by using a source address and wildcard.
The access_list_number value is a decimal number from
1 to 99 or 1300 to 1999.
Enter deny or permit to specify whether to deny or
permit access if conditions are matched.
The source value is the source address of the network or
host from which the packet is being sent specified as
follows:
The 32-bit quantity in dotted-decimal format.
The keyword any as an abbreviation for source and
source_wildcard of 0.0.0.0 255.255.255.255. You do
not need to enter a source_wildcard.
The keyword host as an abbreviation for source and
source-wildcard of source 0.0.0.0.
(Optional) The source_wildcard applies wildcard bits to
the source.
(Optional) Enter log to cause an informational logging
message about the packet that matches the entry to be
sent to the console.
Step 5
Router(config)# interface
interface_id
Enters interface configuration mode.
Step 6
Router(config)# ip access-group
{
access_list_number
|
name
} in
Controls access to the specified interface.
Step 7
Router(config)# ip admission name
rule_name
Applies the specified IP NAC rule to the interface.
To remove the IP NAC rule that was applied to a specific
interface, use the no ip admission rule-name interface
configuration command.
Step 8
Router(config)# exit
Returns to global configuration mode.
Step 9
Router(config)# aaa new-model
Enables AAA.
Step 10
Router(config)# aaa authentication eou default
group radius
Sets authentication methods for EAPoUDP.
To remove the EAPoUDP authentication methods, use
the no aaa authentication eou default global
configuration command.
Step 11
Router(config)# ip device tracking
Enables the IP device tracking table.
To disable the IP device tracking table, use the no device
tracking global configuration command.
Command Purpose

Table of Contents

Related product manuals