Contents
ix
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
OL-10101-02
Configuring RADIUS 8-19
Default RADIUS Configuration 8-20
Identifying the RADIUS Server Host 8-20
Configuring RADIUS Login Authentication 8-23
Defining AAA Server Groups 8-25
Configuring RADIUS Authorization for User Privileged Access and Network Services 8-27
Starting RADIUS Accounting 8-28
Configuring Settings for All RADIUS Servers 8-28
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-30
Displaying the RADIUS Configuration 8-31
Configuring the Switch for Local Authentication and Authorization 8-32
Configuring the Switch for Secure Shell 8-33
Understanding SSH 8-33
SSH Servers, Integrated Clients, and Supported Versions 8-33
Limitations 8-34
Configuring SSH 8-34
Configuration Guidelines 8-34
Cryptographic Software Image Guidelines 8-35
Setting Up the Switch to Run SSH 8-35
Configuring the SSH Server 8-36
Displaying the SSH Configuration and Status 8-37
CHAPTER
9Configuring IEEE 802.1x Port-Based Authentication 9-1
Understanding IEEE 802.1x Port-Based Authentication 9-1
Device Roles 9-2
Authentication Initiation and Message Exchange 9-3
Ports in Authorized and Unauthorized States 9-4
IEEE 802.1x Host Mode 9-5
IEEE 802.1x Accounting 9-6
IEEE 802.1x Accounting Attribute-Value Pairs 9-6
Using IEEE 802.1x Authentication with VLAN Assignment 9-7
Using IEEE 802.1x Authentication with Guest VLAN 9-8
Using IEEE 802.1x Authentication with Restricted VLAN 9-9
Using IEEE 802.1x Authentication with Voice VLAN Ports 9-10
Using IEEE 802.1x Authentication with Port Security 9-10
Using IEEE 802.1x Authentication with Wake-on-LAN 9-11
Network Admission Control Layer 2 IEEE 802.1x Validation 9-11