Purpose
Command or Action
Specifies the port to be configured, and enter interface
configuration mode.
interface interface-id
Example:
Switch(config)#
interface gigabitethernet2/0/4
Step 6
Configures the default ACL on the port in the input
direction.
ip access-group acl-id in
Example:
Switch(config-if)#
ip access-group default_acl in
Step 7
The
acl-id
is an access list name or
number.
Note
Verifies your configuration.
show running-config interface interface-id
Example:
Switch(config-if)#
show running-config interface
Step 8
gigabitethernet2/0/4
(Optional) Saves your entries in the configuration
file.
copy running-config startup-config
Example:
Switch#
copy running-config startup-config
Step 9
Configuring a Downloadable Policy
Beginning in privileged EXEC mode:
SUMMARY STEPS
1.
configure terminal
2.
access-list access-list-number { deny | permit } { hostname | any | host } log
3.
interface interface-id
4.
ip access-group acl-id in
5.
exit
6.
aaa new-model
7.
aaa authorization network default group radius
8.
ip device tracking
9.
ip device tracking probe
[
count
|
interval
|
use-svi
]
10.
radius-server vsa send authentication
11.
end
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
OL-29048-01
347
Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication with Downloadable ACLs and Redirect URLs
