9-62
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
OL-12247-04
Chapter 9 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
This example shows how to configure a switch for a downloadable policy:
Switch#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#
aaa new-model
Switch(config)#
aaa authorization network default group radius
Switch(config)#
ip device tracking
Switch(config)#
ip access-list extended default_acl
Switch(config-ext-nacl)#
permit ip any any
Switch(config-ext-nacl)#
exit
Switch(config)#
radius-server vsa send authentication
Switch(config)#
int fastEthernet 2/13
Switch(config-if)#
ip access-group default_acl in
Switch(config-if)#
exit
Configuring VLAN ID-based MAC Authentication
Beginning in privileged EXEC mode, follow these steps:
There is no show command to confirm the status of VLAN ID-based MAC authentication. You can use
the
debug radius accounting
privileged EXEC command to confirm the RADIUS attribute 32. For more
information about this command, see the
Cisco IOS Debug Command Reference, Release 12.2
at this
URL:
http://www.cisco.com/en/US/docs/ios/debug/command/reference/db_q1.html#wp1123741
This example shows how to globally enable VLAN ID-based MAC authentication on a switch:
Switch#
config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#
mab request format attribute 32 vlan access-vlan
Switch(config-if)#
exit
Configuring Flexible Authentication Ordering
Beginning in privileged EXEC mode, follow these steps:
Step 12
show ip device tracking
all
Displays information about the entries in the IP device tracking table.
Step 13
copy running-config startup-config
(Optional) Saves your entries in the configuration file.
Command
Purpose
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
mab request format attribute 32 vlan access-vlan
Enable VLAN ID-based MAC authentication.
Step 3
copy running-config startup-config
(Optional) Save your entries in the configuration
file.