Contents
viii
Catalyst 2960 Switch SoftwareConfiguration Guide
78-16881-01
Configuring RADIUS Authorization for User Privileged Access and Network Services 8-27
Starting RADIUS Accounting 8-28
Configuring Settings for All RADIUS Servers 8-29
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-30
Displaying the RADIUS Configuration 8-31
Configuring the Switch for Local Authenti cation and Authorization 8-32
Configuring the Switch for Secure Shell 8-33
Understanding SSH 8-33
SSH Servers, Integrated Clients, and Su pported Versions 8-33
Limitations 8-34
Configuring SSH 8-34
Configuration Guidelines 8-34
Setting Up the Switch to Run SSH 8-35
Configuring the SSH Server 8-36
Displaying the SSH Configuration and Status 8-36
Configuring the Switch for Secure Socket Layer HTTP 8-37
Understanding Secure HTTP Servers and Clients 8-37
Certificate Authority Trustpoints 8-37
CipherSuites 8-39
Configuring Secure HTTP Servers and Clients 8-39
Default SSL Configuration 8-39
SSL Configuration Guidelines 8-40
Configuring a CA Trustpoint 8-40
Configuring the Secure HTTP Server 8-41
Configuring the Secure HTTP Client 8-42
Displaying Secure HTTP Server and Client Status 8-43
CHAPTER
9Configuring IEEE 802.1x Port-Based Authentication 9-1
Understanding IEEE 802.1x Port-Based Authentication 9-1
Device Roles 9-2
Authentication Initiation and Message Exchange 9-3
Ports in Authorized and Unauthorized States 9-4
IEEE 802.1x Accounting 9-5
IEEE 802.1x Accounting Attribute-Value Pairs 9-5
IEEE 802.1x Host Mode 9-6
Using IEEE 802.1x with Port Security 9-7
Using IEEE 802.1x with Voice VLAN Ports 9-8