PurposeCommand or Action
Configures the time period for which an user is blocked, if the
user fails to successfully login within the specified time and login
attempts.
aaa authentication rejected n in m ban x
Example:
Device(config)# aaa authentication rejected
3 in 20 ban 300
Step 5
• n—Specifies the number of times a user can try to login.
• m—Specifies the number of seconds within which an user
can try to login.
• x—Specifies the time period an user is banned if the user
fails to successfully login.
Exits global configuration mode and returns to privileged EXEC
mode.
end
Example:
Device(config)# end
Step 6
Displays the list of local users who were blocked.show aaa local user blocked
Example:
Device# show aaa local user blocked
Step 7
Clears the information about the blocked local user.
clear aaa local user blocked username username
Example:
Device# clear aaa local user blocked
username user1
Step 8
The following is sample output from the show aaa local user blocked command:
Device# show aaa local user blocked
Local-user State
user1 Watched (till 11:34:42 IST Feb 5 2015)
Configuring an Authenticator Switch with NEAT
Configuring this feature requires that one switch outside a wiring closet is configured as a supplicant and is
connected to an authenticator switch.
The cisco-av-pairs must be configured as device-traffic-class=switch on the ACS, which sets the interface
as a trunk after the supplicant is successfully authenticated.
Note
Beginning in privileged EXEC mode, follow these steps to configure a switch as an authenticator:
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
340 OL-29048-01
Configuring IEEE 802.1x Port-Based Authentication
Configuring an Authenticator Switch with NEAT
To Next Page
Loading...
Need help?
General