Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual

474

Network OS NETCONF Operations Guide

53-1003231-02

802.1x authentication configuration tasks

30

To add a RADIUS server and enable 802.1x authentication globally, perform the following steps.

1. Issue the <edit-config> RPC to configure the <radius-server> node in the

urn:brocade.com:mgmt:brocade-aaa namespace.

2. Under the <radius-server> node, include the <host> node element.

3. Under the <host> node, include the <hostname> element and specify the RADIUS server.

4. Configure the <dot1x> node in the urn:brocade.com:mgmt:brocade-dot1x namespace.

5. Under the <dot1x> node, include the <enable> node to enable 802.1x authentication globally.

6. Issue the <bna-config-cmd> RPC to save the running-config file to the startup-config file.

The following example specifies 10.0.0.5 as a RADIUS server and enables 802.1x authentication
globally.

<?xml version="1.0" encoding="UTF-8"?>

<rpc message-id="2400" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">

<edit-config>

<target>

<running/>

</target>

<config>

<radius-server xmlns="urn:brocade.com:mgmt:brocade-aaa">

<host>

<hostname>10.0.0.5</hostname>

</host>

</radius-server>

<dot1x xmlns="urn:brocade.com:mgmt:brocade-dot1x>

<enable/>

</dot1x>

</config>

</edit-config>

</rpc>

<rpc-reply message-id="2400" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">

<ok/>

</rpc-reply>

Setting a global timeout value for performing readiness checks

The 802.1x readiness check monitors 802.1x activity on all the switch ports and displays
information about the devices connected to the ports that support 802.1x. You can use this feature
to determine if the devices connected to the switch ports are 802.1x-capable.