EasyManuals Logo
Home>Cisco>Switch>WS-C6506

Cisco WS-C6506 User Manual

Cisco WS-C6506
1488 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1028 background imageLoading...
Page #1028 background image
40-34
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 40 Configuring 802.1X Authentication
Configuring 802.1X Authentication on the Switch
This example shows how to clear all the existing VLAN groups:
Console> (enable) clear dot1x vlan-group all
Console> (enable) show dot1x vlan-group all
No vlan groups are present for display.
Console> (enable)
Enabling and Disabling 802.1X RADIUS Accounting and Tracking
You can use 802.1X RADIUS accounting and tracking to send the 802.1X user accounting information
to the RADIUS server. The feature uses UDP port number 1813.
An 802.1X accounting packet can indicate the following information to the RADIUS server:
When a user successfully authenticates
When a user logs off
When the link goes down on an 802.1X port
When a reauthentication succeeds
When a reauthentication fails
The attributes of the accounting packets are as follows (some attributes are optional):
Attribute [1] USERNAME—The username that is going to be authenticated.
Attribute [4] NAS-IP—The IP address of the switch that initiated the authentication/accounting
session (typically, this is the sc0 interface IP address).
Attribute [40] ACCT-STATUS-TYPE—START/STOP/INTERIM
START is sent when the authentication succeeds and the port is moved to the authorized state.
STOP is sent when the user sends a logoff, when the link goes down, or when reauthentication
fails.
INTERIM is sent when a reauthentication succeeds.
Attribute [44] ACCT-SESSION-ID—The unique session identifier that is associated with every
accounting session.
The accounting packet format is as follows:
<NAS-IP> <user-id> <date> <time> <random16bit#>
An example of the accounting packet format is as follows:
9.9.150.140 rameshp 31/07/2003 12:40:00 12345
The attributes listed above are common regardless of the ACCT-STATUS-TYPE attribute (for
START/STOP/INTERIM).
These attributes are specific to the INTERIM updates:
Attribute [8] FRAMED-IP-ADDRESS—The IP address that is assigned to the user (this address can
be obtained through a static assignment or through DHCP).

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco WS-C6506 and is the answer not in the manual?

Cisco WS-C6506 Specifications

General IconGeneral
BrandCisco
ModelWS-C6506
CategorySwitch
LanguageEnglish

Related product manuals