Configuring NAC
        Command / Purpose
Step 19 Router# show ip admission {[cache] [configuration] [eapoudp]}
        Displays the NAC configuration or network admission cache entries.
Step 20 Router# show ip device tracking {all | interface interface_id | ip ip_address | mac mac_address}
        Displays information about the entries in the IP device tracking table.
Step 21 Router# show ip access lists interface interface
        Displays the downloaded host policies in the Cisco IOS software configuration.
Step 22 Router# copy running-config startup-config
        (Optional) Saves your entries in the configuration file.
To remove the IP NAC rule on the switch, use the no ip admission name rule_name eapoudp global
configuration command. To remove the IP NAC rule that was applied to a specific interface, use the no
ip admission admission_name interface configuration command.
To remove the EAPoUDP authentication methods, use the no aaa authentication eou default global
configuration command. To configure the auth-proxy posture code to not obtain security associations
from the AAA server, use the no aaa authorization auth-proxy default global configuration command.
To disable the IP device tracking table and return the parameters for the table to the default values, use
the no device tracking and the no device tracking probe {count | interval} global configuration
commands.
To configure the switch to not send the Framed-IP-Address attribute, use the no radius-server attribute
8 include-in-access-req global configuration command.
To disable the logging of EAPoUDP system events, use the no eou logging global configuration
command.
To clear all NAC client device entries on the switch or on the specified interface, use the clear eou
privileged EXEC command. To clear entries in the IP device tracking table, use the clear ip device
tracking privileged EXEC command.
This example shows how to configure NAC Layer 2 IP validation on a switch interface:
Router# configure terminal
Router(config)# ip admission name nac eapoudp
Router(config)# access-list 5 permit any
Router(config)# interface gigabitethernet 2/0/1
Router(config-if)# ip access-group 5 in
Router(config-if)# ip admission nac
Router(config-if)# exit
Router(config)# aaa new-model
Router(config)# aaa authentication eou default group radius
Router(config)# radius-server host admin key rad123
Router(config)# radius-server vsa send authentication
Router(config)# ip device tracking probe count 2
Router(config)# eou logging
Router(config)# end
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
Chapter 45 Configuring Network Admission Control
OL-4266-08
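An added example, not part of the Cisco guide: a Python check that audits a saved running-config for the NAC Layer 2 IP validation settings shown on this page, using the syntax given in the removal commands (ip admission name rule_name eapoudp globally, ip admission admission_name on the interface). The sample config and its layout, the audit_nac function and the finding texts are constructed for illustration, and GigabitEthernet2/0/2 is deliberately misconfigured.

```python
import re

# Constructed running-config excerpt (assumed layout, not captured from a device).
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication eou default group radius
ip admission name nac eapoudp
!
interface GigabitEthernet2/0/1
 ip access-group 5 in
 ip admission nac
!
interface GigabitEthernet2/0/2
 ip admission guest
!
radius-server vsa send authentication
"""

# Global commands taken from the configuration example on this page.
REQUIRED_GLOBALS = (
    "aaa new-model",
    "aaa authentication eou default group radius",
    "radius-server vsa send authentication",
)

def audit_nac(config):
    """Return sorted findings; an empty list means every check passed."""
    lines = config.splitlines()
    present = {line.strip() for line in lines}
    findings = [f"missing global command: {c}" for c in REQUIRED_GLOBALS if c not in present]
    rules = set(re.findall(r"^ip admission name (\S+) eapoudp$", config, re.M))
    if not rules:
        findings.append("no EAPoUDP admission rule defined")
    iface, applied, acl_in = None, {}, set()
    for line in lines:
        if not line.startswith(" "):  # top-level line: enter or leave an interface block
            iface = line.split()[1] if line.startswith("interface ") else None
        elif iface:
            m = re.fullmatch(r"ip admission (\S+)", line.strip())
            if m:
                applied[iface] = m.group(1)  # rule name applied on this interface
            if re.fullmatch(r"ip access-group \S+ in", line.strip()):
                acl_in.add(iface)  # the page's example applies an inbound ACL
    for name, rule in applied.items():
        if rule not in rules:
            findings.append(f"{name}: admission rule '{rule}' is not defined globally")
        if name not in acl_in:
            findings.append(f"{name}: no inbound ACL applied")
    return sorted(findings)
```

Calling audit_nac on the text of a saved configuration file returns the list of findings; an interface that references an admission rule name with no matching global eapoudp rule is reported per interface.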