Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 49 Configuring 802.1X Port-Based Authentication
The following example illustrates how to configure a switch for downloadable policy:
Switch# config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# aaa new-model
Switch(config)# aaa authorization network default local
Switch(config)# ip device tracking
Switch(config)# ip access-list extended default_acl
Switch(config-ext-nacl)# permit ip any any
Switch(config-ext-nacl)# exit
Switch(config)# radius-server vsa send authentication
Switch(config)# int fastEthernet 2/13
Switch(config-if)# ip access-group default_acl in
Switch(config-if)# exit
Configuring 802.1X Authentication with Per-User ACL and Filter-ID ACL
This section includes the following topics:
• Per-User ACL and Filter-ID ACL
• Configuring a Per-User ACL and Filter-ID ACL
Step 8
Command: Switch(config)# ip device tracking
Purpose: Enables the IP device tracking table.
To disable the IP device tracking table, use the no ip device tracking global configuration command.

Step 9
Command: Switch(config)# ip device tracking [probe {count count | interval interval}]
Purpose: (Optional) Configures these parameters for the IP device tracking table:
• count—Number of times that the switch sends the ARP probe. The range is 1 to 5. The default is 3.
• interval—Number of seconds that the switch waits for a response before resending the ARP probe. The range is 30 to 300 seconds. The default is 30 seconds.

Step 10
Command: Switch(config)# ip device tracking [probe {delay interval}]
Purpose: (Optional) Configures the optional probe delay parameter for the IP device tracking table:
• interval—Number of seconds that the switch delays sending an ARP probe, triggered by link-up and ARP probe generation by the tracked device. The range is 1 to 120 seconds. The default is 0 seconds.

Step 11
Command: Switch(config)# radius-server vsa send authentication
Purpose: Configures the network access server to recognize and use vendor-specific attributes.
Note: The downloadable ACL must be operational.

Step 12
Command: Switch(config)# end
Purpose: Returns to privileged EXEC mode.

Step 13
Command: Switch# show ip device tracking {all | interface interface-id | ip ip-address | mac mac-address}
Purpose: Displays information about the entries in the IP device tracking table.

Step 14
Command: Switch# copy running-config startup-config
Purpose: (Optional) Saves your entries in the configuration file.
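A way to check a saved configuration against this procedure, as an added example that is not part of the Cisco guide: the Python function below reports missing global commands from the downloadable-policy example, probe values outside the ranges in Steps 9 and 10, and interfaces whose inbound ACL is not defined. The function name audit_dacl_prereqs and the sample configuration are constructed for illustration, and the check assumes the commands appear in the configuration text exactly as they are typed on this page.

```python
import re

# Global commands entered in this page's downloadable-policy example.
REQUIRED = ["aaa new-model", "aaa authorization network default local",
            "ip device tracking", "radius-server vsa send authentication"]
# Probe parameter ranges from Steps 9 and 10: name -> (min, max).
PROBE_RANGES = {"count": (1, 5), "interval": (30, 300), "delay": (1, 120)}

# Constructed sample, not from a real device: it contains three deliberate problems.
SAMPLE_CONFIG = """\
aaa new-model
aaa authorization network default local
ip device tracking
ip device tracking probe count 3
ip device tracking probe interval 10
ip access-list extended default_acl
 permit ip any any
interface FastEthernet2/13
 ip access-group default_acl in
interface FastEthernet2/14
 ip access-group guest_acl in
"""


def audit_dacl_prereqs(config_text):
    """Return findings for a configuration given as text (hypothetical helper)."""
    lines = [ln.strip() for ln in config_text.splitlines()]
    findings = [f"missing: {cmd}" for cmd in REQUIRED if cmd not in lines]
    for ln in lines:
        m = re.fullmatch(r"ip device tracking probe (count|interval|delay) (\d+)", ln)
        if m:
            low, high = PROBE_RANGES[m.group(1)]
            if not low <= int(m.group(2)) <= high:
                findings.append(f"probe {m.group(1)} {m.group(2)} outside {low}-{high}")
    # Every ACL applied inbound on an interface must be defined on the switch.
    defined = {ln.split()[-1] for ln in lines if ln.startswith("ip access-list extended ")}
    iface = None
    for ln in lines:
        if ln.startswith("interface "):
            iface = ln.split(None, 1)[1]
        m = re.fullmatch(r"ip access-group (\S+) in", ln)
        if m and m.group(1) not in defined:
            findings.append(f"{iface}: ACL {m.group(1)} is not defined")
    return findings


if __name__ == "__main__":
    print("\n".join(audit_dacl_prereqs(SAMPLE_CONFIG)))
```

An empty list means every check passed; it does not confirm that the downloadable ACL itself is operational on the RADIUS side.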