10-8
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
OL-26520-01
Chapter 10 Configuring IEEE 802.1x Port-Based Authentication
Understanding IEEE 802.1x Port-Based Authentication
Per-User ACLs and Filter-Ids
In releases earlier than Cisco IOS Release 12.2(50)SE, per-user ACLs and filter Ids were only supported
in single-host mode. In Cisco IOS Release 12.2(50), support was added for MDA- and multiauth-enabled
ports. In 12.2(52)SE and later, support was added for ports in multihost mode.
In releases earlier than Cisco IOS Release 12.2(50)SE, an ACL configured on the switch is not
compatible with an ACL configured on another device running Cisco IOS software, such as a
Catalyst 6000 switch.
In Cisco IOS Release 12.2(50)SE or later, the ACLs configured on the switch are compatible with other
devices running the Cisco IOS release.
Table 10-1 802.1x Features
Authentication method
Mode
Single Host Multiple Host MDA
1
1. MDA = Multidomain authentication.
Multiple
Authentication
2
2. Also referred to as multiauth.
802.1x VLAN assignment
Per-user ACL
Filter-ID attribute
Downloadable
ACL
3
Redirect URL
3
3. Supported in Cisco IOS Release 12.2(50)SE and later.
VLAN assignment
Per-user ACL
Filter-ID attribute
Downloadable
ACL
4
Redirect URL
3
4. Supported in Cisco IOS Release 12.2(50)SE and later.
VLAN assignment
Per-user ACL
3
Filter-Id attribute
3
Downloadable
ACL
3
Redirect URL
3
Per-user ACL
3
Filter-Id attribute
3
Downloadable
ACL
3
Redirect URL
3
MAC authentication bypass VLAN assignment
Per-user ACL
Filter-ID attribute
Downloadable
ACL
3
Redirect URL
3
VLAN assignment
Per-user ACL
Filter-ID attribute
Downloadable
ACL
3
Redirect URL
3
VLAN assignment
Per-user ACL
3
Filter-Id attribute
3
Downloadable
ACL
3
Redirect URL
3
Per-user ACL
3
Filter-Id attribute
3
Downloadable
ACL
3
Redirect URL
3
Standalone web authentication
4
Proxy ACL, Filter-Id attribute, downloadable ACL
2
NAC Layer 2 IP validation Filter-Id attribute
3
Downloadable ACL
Redirect URL
Filter-Id attribute
3
Downloadable ACL
Redirect URL
Filter-Id attribute
3
Downloadable ACL
Redirect URL
Filter-Id attribute
3
Downloadable
ACL
3
Redirect URL
3
Web authentication as fallback
method
5
5. For clients that do not support 802.1x authentication.
Proxy ACL
Filter-Id attribute
3
Downloadable
ACL
3
Proxy ACL
Filter-Id attribute
3
Downloadable
ACL
3
Proxy ACL
Filter-Id attribute
3
Downloadable
ACL
3
Proxy ACL
3
Filter-Id attribute
3
Downloadable
ACL
3
To Next Page
Loading...
