7.Enabling the HTTP server is necessary for URL redirection. When URL redirection is configured in the group configuration section, these URL redirections are sent to the Cisco IOS Software NAD.

Router(config)# ip http server Router(config)# ip http authentication aaa Router(config)# no ip http secure-server

8.This command enables EAPoUDP system logging from the Cisco IOS Software NAD to the console:

Router(config)# eou logging

Verifying Network Admission Control

To verify EAP and EAPoUDP messages or sessions, enter the show eou or show eou all command. Example 7-3shows sample output.

Example 7-3 Output of show eou and show eou all command

Router# show eou

Global EAPoUDP Configuration

----------------------------

EAPoUDP Version

= 1

EAPoUDP Port

= 0x5566

Clientless Hosts

= Enabled

IP Station ID

= Disabled

Revalidation

= Enabled

Revalidation Period

= 36000 Seconds

ReTransmit Period

= 3 Seconds

StatusQuery Period

= 300 Seconds

Hold Period

= 180 Seconds

AAA Timeout

= 60 Seconds

Max Retries

= 3

EAP Rate Limit

= 20

EAPoUDP Logging

= Enabled

Clientless Host Username = clientless

Clientless Host Password = password

Interface Specific EAPoUDP Configurations

-----------------------------------------

Interface FastEthernet0/0

No interface specific configuration

Router# show eou all

------------------------------------------------------------------

Address Interface AuthType Posture-Token Age(min)

------------------------------------------------------------------

302Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Page 319 Page 321
Page 320
Image 320
IBM Tivoli and Cisco manual Verifying Network Admission Control, Example 7-3 Output of show eou and show eou all command
Page 319 Page 321
Top Page Image Contents