Cisco Acs Configuration For Vlan Assignment - Cisco Catalyst 4500 Series Configuration Manual
Release ios xe 3.3.0sg and ios 15.1(1)sg
Hide thumbs
Also See for Catalyst 4500 Series:
- Software configuration manual (2086 pages) ,
- Administration manual (1814 pages) ,
- Configuration manual (1254 pages)
Table of Contents
Advertisement
Configuring 802.1X Port-Based Authentication
To enable 802.1X with VLAN assignment, perform this task:
Command
Step 1
Switch# configure terminal
Step 2
Switch(config)# interface
interface-id
Step 3
Switch(config-if)# switchport
access vlan-id
Step 4
Switch(config-if)# switchport mode
access
Step 5
Switch(config-if)# switchport voice
vlan vlan-id
Step 6
Switch(config-if)# authentication
host-mode multi-domain
Step 7
Switch(config-if)# authentication
port-control auto
Step 8
Switch(config-if)# dot1x pae
authenticator
Step 9
Switch(config)# end
Step 10
Switch# show dot1x interface
interface-id details
Step 11
Switch# copy running-config
startup-config
The following example shows how to configure MDA on an interface and 802.1X as the authentication
mechanism:
Switch(config)# interface FastEthernet3/3
Switch(config-if)# switchport access vlan 10
Switch(config-if)# switchport mode access
Switch(config-if)# switchport voice vlan 16
Switch(config-if)# authentication host-mode multi-domain
Switch(config-if)# authentication port-control auto
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# end
Note
Cisco ACS Configuration for VLAN Assignment
The procedure for enabling MDA with voice VLAN assignment is the same as that for activating MDA
except for one step: Configure a VLAN for dynamic VLAN assignment after selecting
User > IETF RADIUS Attributes
configuration required for dynamic VLAN assignment.
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
44-72
Purpose
Enters global configuration mode.
Enters interface configuration mode.
Sets the VLAN for a switched interface in access mode.
Specifies a nontrunking, nontagged single VLAN Layer 2 interface.
Sets the voice VLAN for the interface.
Enables MDA on the interface.
Enables 802.1X authentication on the interface.
Enables 802.1X authentication on the port with default parameters.
Refer to the
Returns to privileged EXEC mode.
(Optional) Verifies your entries.
(Optional) Saves your entries in the configuration file.
You must configure VLAN assignment in the ACS server. No configuration changes are required
on the switch.
Chapter 44
"Default 802.1X Configuration" section on page
(Figure
44-16). This step ensures correct functioning of the ACS
Configuring 802.1X Port-Based Authentication
44-27.
OL-25340-01
- Quick Links:
- Resetting a Switch to Factory Default...
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
