Name: Cisco IE 3000
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

10-9

Cisco IE 3000 Switch Software Configuration Guide

OL-13018-01

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication

Understanding IEEE 802.1x Port-Based Authentication

Table 10-1 lists the AV pairs and when they are sent are sent by the switch:

You can view the AV pairs that are being sent by the switch by entering the debug radius accounting

privileged EXEC command. For more information about this command, see the Cisco IOS Debug

Command Reference, Release 12.2 at this URL:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_book09186a

00800872ce.html

For more information about AV pairs, see RFC 3580, “IEEE 802.1X Remote Authentication Dial In User

Service (RADIUS) Usage Guidelines.”

Using 802.1x Readiness Check

The 802.1x readiness check monitors IEEE 802.1x activity on all the switch ports and displays

information about the devices connected to the ports that support IEEE 802.1x. You can use this feature

to determine if the devices connected to the switch ports are IEEE 802.1x-capable. You use an alternate

authentication such as MAC authentication bypass or web authentication for the devices that do not

support IEEE 802.1x functionality.

This feature only works if the supplicant on the client supports a query with the NOTIFY EAP

notification packet. The client must respond within the IEEE 802.1x timeout value.

For information on configuring the switch for the 802.1x readiness check, see the “Configuring 802.1x

Readiness Check” section on page 10-22.

Ta b l e 10-1 Accounting AV Pairs

Attribute Number AV Pair Name START INTERIM STOP

Attribute[1] User-Name Always Always Always

Attribute[4] NAS-IP-Address Always Always Always

Attribute[5] NAS-Port Always Always Always

Attribute[8] Framed-IP-Address Never Sometimes

1. The Framed-IP-Address AV pair is sent only if a valid Dynamic Host Control Protocol (DHCP) binding

exists for the host in the DHCP snooping bindings table.

Sometimes

Attribute[25] Class Always Always Always

Attribute[30] Called-Station-ID Always Always Always

Attribute[31] Calling-Station-ID Always Always Always

Attribute[40] Acct-Status-Type Always Always Always

Attribute[41] Acct-Delay-Time Always Always Always

Attribute[42] Acct-Input-Octets Never Always Always

Attribute[43] Acct-Output-Octets Never Always Always

Attribute[44] Acct-Session-ID Always Always Always

Attribute[45] Acct-Authentic Always Always Always

Attribute[46] Acct-Session-Time Never Always Always

Attribute[49] Acct-Terminate-Cause Never Never Always

Attribute[61] NAS-Port-Type Always Always Always

Operating Temperature	-40 to 75°C (-40 to 167°F)
DRAM	128 MB
Flash Memory	32 MB
Uplink Ports	2 x 10/100/1000Base-T or SFP
MAC Address Table Size	8000
Mounting	DIN rail, Wall

Cisco IE 3000 User Manual

Table of Contents

Other manuals for Cisco IE 3000

Questions and Answers:

Cisco IE 3000 Specifications

Related product manuals