EasyManua.ls Logo

Cisco Catalyst 2960 Series

Cisco Catalyst 2960 Series
2288 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Auto Identity Interface Templates
The following interface templates are available in the Auto Identity feature:
AI_MONITOR_MODEPassively monitors sessions that have authentication in open mode.
AI_LOW_IMPACT_MODESimilar to monitor mode, but with a configured static policy such as a
port access control list (PACL).
AI_CLOSED_MODESecure mode in which data traffic is not allowed into the network, until
authentication is complete. This mode is the default.
The following commands are inbuilt in the AI_MONITOR_MODE:
switchport mode access
access-session port-control auto
access-session host-mode multi-auth
dot1x pae authenticator
mab
service-policy type control subscriber AI_DOT1X_MAB_POLICIES
The following commands are inbuilt in the AI_LOW_IMPACT_MODE:
switchport mode access
access-session port-control auto
access-session host-mode multi-auth
dot1x pae authenticator
mab
ip access-group AI_PORT_ACL in
service-policy type control subscriber AI_DOT1X_MAB_POLICIES
The following commands are inbuilt in the AI_CLOSED_MODE:
switchport mode access
access-session closed
access-session port-control auto
access-session host-mode multi-auth
dot1x pae authenticator
mab
service-policy type control subscriber AI_DOT1X_MAB_POLICIES
Auto Identity Built-in Policies
The following five built-in policies are available in the Auto Identity feature:
AI_DOT1X_MAB_AUTHEnables flexible authentication with dot1x, and then MAC Address Bypass
(MAB).
AI_DOT1X_MAB_POLICIESEnables flexible authentication with dot1x, and then MAB. Applies
critical VLAN in case the Authentication, Authorization, and Accounting (AAA) server is not reachable.
AI_DOT1X_MAB_WEBAUTHEnables flexible authentication with dot1x, MAB, and then web
authentication.
AI_NEXTGEN_AUTHBYBASSSkips authentication if an IP phone device is detected. Enables the
device classifier command in global configuration mode and the voice-vlan command in interface
configuration mode to detect the device. This is a reference policy map, and users can copy the contents
of this policy map to other policy maps.
AI_STANDALONE_WEBAUTHDefines standalone web authentication.
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1455
Auto Identity

Table of Contents

Other manuals for Cisco Catalyst 2960 Series

Preview: Datasheet
Datasheet21 pages
Preview: Brochure & Specs
Brochure & Specs10 pages
Preview: Product Bulletin
Product Bulletin5 pages
Preview: Specifications
Specifications2 pages

Related product manuals