Name: Cisco Catalyst 4500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

49-53

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex

Chapter 49 Configuring 802.1X Port-Based Authentication

Configuring 802.1X Port-Based Authentication

The following example illustrates how to configure a switch for downloadable policy:

Switch# config terminal

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)# aaa new-model

Switch(config)# aaa authorization network default local

Switch(config)# ip device tracking

Switch(config)# ip access-list extended default_acl

Switch(config-ext-nacl)# permit ip any any

Switch(config-ext-nacl)# exit

Switch(config)# int fastEthernet 2/13

Switch(config-if)# ip access-group default_acl in

Switch(config-if)# exit

Configuring RADIUS-Provided Session Timeouts

You can configure the Catalyst 4500 series switch to use a RADIUS-provided reauthentication timeout.

To configure RADIUS-provided timeouts, perform this task:

Step 4

Switch(config-if)# ip access-group

{access-list-number | name} in

Controls access to the specified interface.

This step is mandatory for a functioning downloaded policy.

Step 5

Switch(config)# exit

Returns to global configuration mode.

Step 6

Switch(config)# aaa new-model

Enables AAA.

Step 7

Switch(config)# aaa authorization

network default local

Sets the authorization method to local. To remove the authorization

method, use the no aaa authorization network default local command.

Step 8

Switch(config)# ip device tracking

Enables the IP device tracking table.

To disable the IP device tracking table, use the no ip device tracking

global configuration commands.

Step 9

Switch(config)# ip device tracking

[probe {count count | interval

interval}]

(Optional) Configures these parameters for the IP device tracking table:

• count—Number of times that the switch sends the ARP probe. The

range is 1 to 5. The default is 3.

• interval—Number of seconds that the switch waits for a response

before resending the ARP probe. The range is 30 to 300 seconds. The

default is 30 seconds.

Step 10

Switch(config)# ip device tracking

[probe {delay interval}]

(Optional) Configures the optional probe delay parameter for the IP

device tracking table:

• interval—Number of seconds that the switch delays sending an ARP

probe, triggered by link-up and ARP probe generation by the tracked

device. The range is 1 to 120 seconds. The default is 0 seconds.

Step 11

Switch(config)# end

Returns to privileged EXEC mode.

Step 12

Switch# show ip device tracking

{all | interface interface-id | ip

ip-address | mac mac-address}

Displays information about the entries in the IP device tracking table.

Step 13

Switch# copy running-config

startup-config

(Optional) Saves your entries in the configuration file.

Command Purpose

Other manuals for Cisco Catalyst 4500 Series

Manual19 pages

Command Reference Guide1230 pages

System Message Guide150 pages

Configuration Guide1610 pages

Administration Guide1814 pages

Message Guide146 pages

Installation Guide194 pages

Datasheet11 pages

Overview46 pages

Quick Reference Guide59 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General

Series	Catalyst 4500 Series
Category	Switch
Layer Support	Layer 2, Layer 3
Form Factor	Modular chassis
Stackable	No
Chassis Slots	3, 6, 7, 10
Power Supply Options	AC, DC
Redundancy	Power supply, Supervisor engine
Network Management	Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features	Security, QoS
Port Density	Up to 384 ports per chassis
Security Features	802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine	8-E