The purpose is to do a minimal dot1x authentification on ethernet Ports
1 : Define Radius server
ip radius source-interface Loopback0
!
radius-server host 25.2.2.1
radius-server key CISCO
2 : Globally activate dot1x
dot1x system-auth-control
3 : Define the AAA model for dot1x only
Don't forget the login default non, otherwise it will ask for password on console and telnet login.
aaa new-model
aaa authentication login default none
aaa authentication dot1x default group radius
4: Activate dot1x on ports
interface FastEthernet1/4
switchport mode access
dot1x port-control auto
4: Verification
show dot1x
show dot1x interface
Inscription à :
Publier les commentaires (Atom)
Aucun commentaire:
Enregistrer un commentaire