54-4
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 54 Auto Identity
Information About Auto Identity
Auto Identity Built-in Policies
The following five built-in policies are available in the Auto Identity feature:
•
AI_DOT1X_MAB_AUTH—Enables flexible authentication with dot1x, and then MAC Address
Bypass (MAB).
•
AI_DOT1X_MAB_POLICIES—Enables flexible authentication with dot1x, and then MAB.
Applies critical VLAN in case the Authentication, Authorization, and Accounting (AAA) server is
not reachable.
•
AI_DOT1X_MAB_WEBAUTH—Enables flexible authentication with dot1x, MAB, and then web
authentication.
•
AI_NEXTGEN_AUTHBYBASS—Skips authentication if an IP phone device is detected. Enables
the
device classifier
command in global configuration mode and the
voice-vlan
command in
interface configuration mode to detect the device. This is a reference policy map, and users can copy
the contents of this policy map to other policy maps.
•
AI_STANDALONE_WEBAUTH—Defines standalone web authentication.
Auto Identity Class Map Templates
The following built-in class maps are supported by the Auto Identity feature:
•
AI_NRH—Specifies that the nonresponsive host (NRH) authentication method is enabled.
•
AI_WEBAUTH_METHOD—Specifies that the web authentication method is enabled.
•
AI_WEBAUTH_FAILED—Specifies that the web authentication method failed to authenticate.
•
AI_WEBAUTH_NO_RESP—Specifies that the web authentication client failed to respond.
•
AI_DOT1X_METHOD—Specifies that the dot1x method is enabled.
•
AI_DOT1X_FAILED—Specifies that the dot1x method failed to authenticate.
•
AI_DOT1X_NO_RESP—Specifies that the dot1x client failed to respond.
•
AI_DOT1X_TIMEOUT—Specifies that the dot1x client stopped responding after the initial
acknowledge (ACK) request.
•
AI_MAB_METHOD—Specifies that the MAC Authentication Bypass (MAB) method is enabled.
•
AI_MAB_FAILED—Specifies that the MAB method failed to authenticate.
•
AI_AAA_SVR_DOWN_AUTHD_HOST—Specifies that the Authentication, Authorization, and
Accounting (AAA) server is down, and the client is in authorized state.
•
AI_AAA_SVR_DOWN_UNAUTHD_HOST—Specifies that the AAA server is down, and the
client is in authorized state.
•
AI_IN_CRITICAL_AUTH—Specifies that the critical authentication service template is applied.
•
AI_NOT_IN_CRITICAL_AUTH—Specifies that the critical authentication service template is not
applied.
•
AI_METHOD_DOT1X_DEVICE_PHONE—Specifies that the method is dot1x and the device type
is IP phone.
•
AI_DEVICE_PHONE—Specifies that the device type is IP phone.
Содержание Catalyst 4500 Series
Страница 2: ......
Страница 4: ......
Страница 2086: ...Index IN 46 Software Configuration Guide Release IOS XE 3 9 0E and IOS 15 2 5 E ...