EasyManua.ls Logo

Cisco CATALYST 2960

Cisco CATALYST 2960
980 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
9-40
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
OL-26520-01
Chapter 9 Configuring Switch-Based Authentication
Controlling Switch Access with RADIUS
To disable AAA, use the no aaa new-model global configuration command. To disable the AAA server
functionality on the switch, use the no aaa server radius dynamic authorization global configuration
command.
Monitoring and Troubleshooting CoA Functionality
Use these Cisco IOS commands to monitor and troubleshoot CoA functionality on the switch:
debug radius
debug aaa coa
debug aaa pod
debug aaa subsys
debug cmdhd [detail | error | events]
show aaa attributes protocol radius
Configuring RADIUS Server Load Balancing
This feature allows access and authentication requests to be evenly across all RADIUS servers in a server
group. For more information, see the “RADIUS Server Load Balancing” chapter of the Cisco IOS
Security Configuration Guide:
http://www.ciscosystems.com/en/US/docs/ios/12_2sb/feature/guide/sbrdldbl.html
Step 8
ignore session-key (Optional) Configure the switch to ignore the session-key.
For more information about the ignore command, see the Cisco IOS
Intelligent Services Gateway Command Reference on Cisco.com.
Step 9
ignore server-key (Optional) Configure the switch to ignore the server-key.
For more information about the ignore command, see the Cisco IOS
Intelligent Services Gateway Command Reference on Cisco.com.
Step 10
authentication command bounce-port
ignore
(Optional) Configure the switch to ignore a CoA request to temporarily
disable the port hosting a session. The purpose of temporarily disabling
the port is to trigger a DHCP renegotiation from the host when a VLAN
change occurs and there is no supplicant on the endpoint to detect the
change.
Step 11
authentication command disable-port
ignore
(Optional) Configure the switch to ignore a nonstandard command
requesting that the port hosting a session be administratively shut down.
Shutting down the port results in termination of the session.
Use standard CLI or SNMP commands to re-enable the port.
Step 12
end Return to privileged EXEC mode.
Step 13
show running-config Verify your entries.
Step 14
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose

Table of Contents

Other manuals for Cisco CATALYST 2960

Preview: Command Reference Guide
Command Reference Guide800 pages
Preview: Command Reference
Command Reference714 pages
Preview: Hardware Installation Guide
Hardware Installation Guide108 pages
Preview: Getting Started Guide
Getting Started Guide24 pages
Preview: Installation
Installation26 pages

Related product manuals