Configuring RADIUS attributes

The RADIUS attributes required for NAC must be globally enabled on the Cisco Secure ACS.

1.Select Interface Configuration from the main menu (Figure 7-13 on page 230), then select RADIUS (IETF) (Figure 7-19).

Figure 7-19 Global IETF RADIUS attributes

For L2Dot1x NAC, you must select the following:

[027] Session-Timeout

[029] Termination-Action

[064] Tunnel-type

[065] Tunnel-Medium-Type

[081] Tunnel-Private-Group-ID

After selecting just these items, click Submit. This will take you back to the screen shown in Figure 7-13 on page 230.

Note: 64, 65, and 81 are required for VLAN assignment.

236Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Page 253 Page 255
Page 254
Image 254
IBM Tivoli and Cisco manual Configuring Radius attributes, Global Ietf Radius attributes
Page 253 Page 255
Top Page Image Contents