Configuring Roles 162
Creating User Roles and Rules 162
Creating Feature Groups 165
Changing User Role Interface Policies 166
Changing User Role VLAN Policies 167
Changing User Role VRF Policies 169
About No Service Password-Recovery 171
Enabling No Service Password-Recovery 171
Verifying User Accounts and RBAC Configuration 172
Configuration Examples for User Accounts and RBAC 173
Additional References for User Accounts and RBAC 174
Configuring 802.1X 177
CHAPTER 9
About 802.1X 177
Device Roles 177
Authentication Initiation and Message Exchange 178
Authenticator PAE Status for Interfaces 180
Ports in Authorized and Unauthorized States 180
MAC Authentication Bypass 181
Dynamic VLAN Assignment based on MAC-Based Authentication (MAB) 181
VLAN Assignment from RADIUS 182
Single Host and Multiple Hosts Support 182
Supported Topology 182
Licensing Requirements for 802.1X 183
Prerequisites for 802.1X 183
802.1X Guidelines and Limitations 183
Default Settings for 802.1X 185
Configuring 802.1X 186
Process for Configuring 802.1X 186
Enabling the 802.1X Feature 186
Configuring AAA Authentication Methods for 802.1X 187
Controlling 802.1X Authentication on an Interface 188
Creating or Removing an Authenticator PAE on an Interface 190
Enabling Periodic Reauthentication for an Interface 191
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
x
Contents
To Next Page
Loading...
