1 / 12

Network Infrastructure Configuration for MAB Port Configuration

Network Infrastructure Configuration for MAB Port Configuration. Interface fastethernet 0/1 description Trustsec:802.1X+MAB+MultiAuth switchport access vlan 10 switchport mode access switchport voice vlan 40 ip access-group ACL-ALLOW in authentication event fail action next-method

beatrice-waters
Télécharger la présentation

Network Infrastructure Configuration for MAB Port Configuration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Infrastructure Configuration for MAB Port Configuration Interface fastethernet 0/1 description Trustsec:802.1X+MAB+MultiAuth switchport access vlan 10 switchport mode access switchport voice vlan 40 ip access-group ACL-ALLOW in authentication event fail action next-method authentication event server dead action authorize vlan 10 authentication event server alive action reintialize authentication host-mode multi-auth authentication open authentication order mab dot1x authentication priority dot1x mab authentication port-control auto authentication violation restrict mab dot1x pae authenticator spanning-tree portfast

  2. Network Infrastructure Configuration for MAB Port Configuration switchport access vlan 10 The default vlan identified here can be overridden by a profile Back

  3. Network Infrastructure Configuration for MAB Port Configuration ip access-group ACL-ALLOW in This access list specifies what traffic is allowed on the port prior to a succesful 802.1x authentication Back

  4. Network Infrastructure Configuration for MAB Port Configuration authentication event fail action next-method This commands identifies what should take place after an authentication failure. This command may be useful in circumstances where you want host to failover to MAB if an 802.1x authentication has failed. Back

  5. Network Infrastructure Configuration for MAB Port Configuration authentication event server dead action authorize vlan 10 If the RADIUS server is dead and cannot be contacted then the action in this Example to authorize the port into vlan 10. Back

  6. Network Infrastructure Configuration for MAB Port Configuration authentication event server alive action reintialize On the Radius server becoming active and accessible, reinitialize authentication on the port. Back

  7. Network Infrastructure Configuration for MAB Port Configuration authentication host-mode multi-auth The options available for this command are multi-auth and single. With multi-auth as shown a wireless access point or hub can be attached to the switch port and individual multiple hosts can be authorized against the port In single mode only one of the attached clients must be authorized for all the clients to be granted network access. If the orginal authorized client leaves the port then all those previously authorized clients will be logged off. Can be used in conjunction with switchport security to limit access to configured mac addresses. Multi-ath checks each session. Back

  8. Network Infrastructure Configuration for MAB Port Configuration authentication open To allow network traffic prior to a succesful 802.1x authentication It is a good idea to use this command in conjunction with a restrictive ACL. Back

  9. Network Infrastructure Configuration for MAB Port Configuration authentication order mab dot1x The switch port will attempt MAB authentication before 802.1x. You may want to revise this order if the bulk of endpoints are 802.1x doing so will reduce delays. Back

  10. Network Infrastructure Configuration for MAB Port Configuration authentication priority dot1x mab Allthough MAB may be configured first, if the endpoint is also capable of 802.1x As well then 802.1x authentication will take priority over MAB By default the priority changes when the order is changed. Back

  11. Network Infrastructure Configuration for MAB Port Configuration authentication port-control auto Options include :- Forced Un-authorized Forced Authorized Auto Back

  12. Network Infrastructure Configuration for MAB Port Configuration dot1x pae authenticator Enables 802.1X authentication on the interface, and sets the port personality to authenticator. pae = Port Access Enitity Back

More Related