Configuring downloadable acls – Dell POWEREDGE M1000E User Manual

Page 319

Advertising
background image

10-57

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide

OL-13270-03

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication

Configuring IEEE 802.1x Authentication

This example shows how to configure a switch as a supplicant:

Switch# configure terminal

Switch(config)# cisp enable

Switch(config)# dot1x credentials test

Switch(config)# username suppswitch

Switch(config)#

password

myswitch

Switch(config)# interface gigabitethernet 1/0/1

Switch(config-if)# switchport trunk encapsulation dot1q

Switch(config-if)# dot1x pae supplicant

Switch(config-if)# dot1x credentials test

Switch(config-if)# end

Configuring 802.1x Authentication with Downloadable ACLs and Redirect URLs

In addition to configuring 802.1x authentication on the switch, you need to configure the ACS. For more
information, see the

Cisco Secure ACS configuration guides

.

Note

You must configure a downloadable ACL on the ACS before downloading it to the switch.

After authentication on the port, you can use the show ip access-list privileged EXEC command to
display the downloaded ACLs on the port.

Configuring Downloadable ACLs

The policies take effect after client authentication and the client IP address addition to the IP device
tracking table. The switch then applies the downloadable ACL to the port.

Beginning in privileged EXEC mode:

Step 5

password password

Create a password for the new username.

Step 6

interface interface-id

Specify the port to be configured, and enter interface configuration
mode.

Step 7

switchport trunk encapsulation
dot1q

Set the port to trunk mode.

Step 8

switchport mode trunk

Configure the interface as a VLAN trunk port.

Step 9

dot1x pae supplicant

Configure the interface as a port access entity (PAE) supplicant.

Step 10

dot1x credentials profile-name

Attach the 802.1x credentials profile to the interface.

Step 11

end

Return to privileged EXEC mode.

Step 12

show running-config interface
interface-id

Verify your configuration.

Step 13

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Command

Purpose

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

ip device tracking

Configure the ip device tracking table.

Advertising
Popular Brands
Popular manuals