45-18
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 45 Configuring Network Admission Control
Configuring NAC
Command Purpose
Step 5
Router(config-identity-prof)# device {authorize | not-authorize} {ip-address ip_address | mac-address mac_address | type cisco ip phone} [policy policy_name]
Authorizes the specified IP device, and applies the specified policy to the device.
Step 6
Router(config-identity-prof)# exit
Exits from identity-profile configuration mode, and returns to global configuration mode.
Step 7
Router(config)# end
Returns to privileged EXEC mode.
Step 8
Router# show running-config
Verifies your entries.
Step 9
Router# copy running-config startup-config
(Optional) Saves your entries in the configuration file.
To remove the identity policy from the switch, use the no identity policy policy_name global configuration command. To remove the identity profile, use the no identity profile eapoudp global configuration command. To withdraw authorization for the specified IP device and remove the specified policy from the device, use the no device {authorize | not-authorize} {ip-address ip_address | mac-address mac_address | type cisco ip phone} [policy policy_name] interface configuration command.
This example shows how to configure the identity profile and policy:
Router# configure terminal
Router(config)# identity policy policy1
Router(config-identity-policy)# access-group group1
Router(config-identity-policy)# exit
Router(config)# identity profile eapoudp
Router(config-identity-prof)# device authorize ip-address 10.10.142.25 policy policy1
Router(config-identity-prof)# exit
Router(config)# end
Configuring a NAC AAA Down Policy
Note This feature is only available on the Catalyst 6500 series switch and the Catalyst 7600 router.
To configure a NAC AAA down policy, perform this task:
Command Purpose
Step 1
Router# configure terminal
Enters global configuration mode.
Step 2
Router(config)# ip admission name rule-name eapoudp event timeout aaa policy identity identity_policy_name
Creates a NAC rule and associates an identity policy to be applied to sessions when the AAA server is unreachable.
To remove the rule on the switch, use the no ip admission name rule-name eapoudp event timeout aaa policy identity global configuration command.
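The following is an added example, not taken from the Cisco guide, that ties the two procedures on this page together: an identity policy carrying a deliberately restrictive access group is created first, and the ip admission rule then names that policy as the one applied when the EAPoUDP AAA exchange times out. The point is that an AAA outage then degrades hosts to a restricted policy rather than leaving their sessions unrestricted. The ACL name, policy name, rule name, host address and interface are constructed for illustration; the base AAA/RADIUS and EAPoUDP configuration the rule depends on, the plain ip admission name rule-name eapoudp definition, and the interface-level ip admission command are assumed to be available on this release and are not described on this page.

```ios
! Added example (not from the Cisco guide). All names and addresses are constructed.
!
! 1. Restrictive ACL applied while the AAA server is unreachable: only name
!    resolution, DHCP and a constructed remediation host are reachable.
ip access-list extended AAA-DOWN-ACL
 permit udp any any eq domain
 permit udp any any eq bootps
 permit tcp any host 10.10.142.10 eq www
 deny ip any any
!
! 2. Identity policy that references the restrictive ACL (page syntax:
!    identity policy policy_name / access-group group_name).
identity policy AAA-DOWN-POLICY
 access-group AAA-DOWN-ACL
!
! 3. NAC rule. The first line defines the EAPoUDP admission rule (assumed
!    base command); the second line, from this page, binds the restricted
!    identity policy to the "AAA timed out" event for that rule.
ip admission name NAC-L3 eapoudp
ip admission name NAC-L3 eapoudp event timeout aaa policy identity AAA-DOWN-POLICY
!
! 4. Apply the rule on the host-facing interface (assumed interface command).
interface GigabitEthernet1/1
 ip admission NAC-L3
!
! Verification from privileged EXEC (assumed show commands):
!   show running-config | include ip admission
!   show ip admission cache
```

When reviewing such a configuration, check that the policy named after event timeout aaa is at least as restrictive as the policy a failed posture validation would receive; a permissive AAA-down policy turns an AAA server outage into a bypass of the admission control, and show running-config | include ip admission is the quickest way to confirm which policy is bound.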