Enabling 802.1X on a Cisco 3560

Source: Internet  Editor: 程序博客网  Time: 2024/05/19 01:08

 3560

# Enable AAA

aaa new-model

!

!

# AAA login authentication method list named default: method 1 is line, method 2 is enable

aaa authentication login default line enable

# Authenticate dot1x through the radius server group

aaa authentication dot1x default group radius

# Authorize network services through the radius server group

aaa authorization network default group radius

!

!!

crypto pki trustpoint TP-self-signed-1698184192

 enrollment selfsigned

 subject-name cn=IOS-Self-Signed-Certificate-1698184192

 revocation-check none

 rsakeypair TP-self-signed-1698184192

!

!

crypto pki certificate chain TP-self-signed-1698184192

 certificate self-signed 01

 Quit

# Enable 802.1X authentication control globally (dot1x system-auth-control)

dot1x system-auth-control

spanning-tree mode pvst

spanning-tree extend system-id

!

!

interface GigabitEthernet0/1

 switchport access vlan 104

 switchport mode access

 authentication host-mode multi-auth

 authentication port-control auto

 dot1x pae authenticator

 spanning-tree portfast

!

interface GigabitEthernet0/2

 switchport access vlan 104

 switchport mode access

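# Set the host mode to multi-auth

 authentication host-mode multi-auth

# Enable authentication port control on the port

 authentication port-control auto

# Configure the port as a port access entity (PAE) acting as an authenticator

 dot1x pae authenticator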

 spanning-tree portfast

!

interface GigabitEthernet0/3

 switchport access vlan 104

 switchport mode access

 authentication host-mode multi-auth

 authentication port-control auto

 dot1x pae authenticator

 spanning-tree portfast

!

interface GigabitEthernet0/4

 switchport access vlan 104

 switchport mode access

 authentication host-mode multi-auth

 authentication port-control auto

 dot1x pae authenticator

# Enable MAC authentication bypass (mainly for network printers)

 mab

 spanning-tree portfast

 

 

!

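# This command must be specified; otherwise, when IP addresses on other VLANs are added later, clients may end up not being authenticated

ip radius source-interface vlan 99

# Set the remote RADIUS server host IP address to x.x.x.x, the UDP port for authentication requests to 1812, and the UDP destination port for accounting requests to 1813; the key must match the one configured on the server (entered here as key 0 xxxxxx).

radius-server host x.x.x.x auth-port 1812 acct-port 1813 key 7 1446405858517C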

!

!

line con 0

 password 7 111A1D1F0E405B5D50

line vty 0 4

# Add the line "login authentication default" here; "default" matches the method list name defined above

 password 7 0215004112545F7018

line vty 5 15

!

end
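
The following Python audit is an added example, not part of the original post: it checks a saved configuration for the global and per-port 802.1X commands used above, and flags ports with mab and secrets stored as type 7. The function names `parse_sections` and `audit`, the sample configuration, the address 192.0.2.10 and the key value are all constructed for illustration.

```python
import re

SAMPLE_CONFIG = """\
aaa new-model
aaa authentication dot1x default group radius
dot1x system-auth-control
interface GigabitEthernet0/2
 switchport mode access
 authentication port-control auto
interface GigabitEthernet0/4
 switchport mode access
 authentication port-control auto
 dot1x pae authenticator
 mab
radius-server host 192.0.2.10 auth-port 1812 acct-port 1813 key 7 0000000000
"""  # constructed sample; the server address and key value are placeholders

GLOBAL_REQUIRED = ("aaa new-model", "aaa authentication dot1x default group radius",
                   "dot1x system-auth-control", "ip radius source-interface")
PORT_REQUIRED = ("authentication port-control auto", "dot1x pae authenticator")
TYPE7 = re.compile(r"\b(key|password) 7 \S+")

def parse_sections(config):
    """Map each top-level line to the indented sub-commands beneath it."""
    sections, current = {}, None
    for line in config.splitlines():
        if not line.strip() or line.lstrip().startswith(("!", "#")):
            continue  # skip separators and '#' annotations like the page's
        if line[0].isspace() and current is not None:
            sections[current].append(line.strip())
        else:
            current = line.strip()
            sections[current] = []
    return sections

def audit(config):
    """Return deviations from the 802.1X baseline this page configures."""
    sections = parse_sections(config)
    findings = [f"global: missing '{cmd}'" for cmd in GLOBAL_REQUIRED
                if not any(top.startswith(cmd) for top in sections)]
    for header, body in sections.items():
        label = TYPE7.sub("<type-7 secret>", header)  # keep secrets out of the report
        if header.startswith("interface ") and "switchport mode access" in body:
            findings += [f"{label}: missing '{cmd}'" for cmd in PORT_REQUIRED if cmd not in body]
            if "mab" in body:
                findings.append(f"{label}: mab enabled, MAC address is the only credential")
        if any(TYPE7.search(cmd) for cmd in (header, *body)):
            findings.append(f"{label}: type 7 secret stored (reversible encoding)")
    return findings
```

Calling `audit()` on the text of a saved configuration returns a list of findings; an empty list means every access port carries both port-level commands and no type 7 secret is present.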

 

