Filter
Top Products
532 Configuring Port and System Security
To configure the switch:
1
Create the VLANs and configure the VLAN names.
console(config)#vlan 100
console(config-vlan100)#name Authorized
console(config-vlan100)#exit
console(config)#vlan 200
console(config-vlan200)#name Unauthorized
console(config-vlan200)#exit
console(config)#vlan 300
console(config-vlan300)#name Guest
console(config-vlan300)#exit
2
Configure information about the external RADIUS server the switch uses
to authenticate clients. The RADIUS server IP address is 10.10.10.10, and
the shared secret is qwerty123.
console(config)#radius-server key qwerty123
console(config)#radius-server host 10.10.10.10
console(Config-auth-radius)#exit
3
Enable 802.1X on the switch.
console(config)#dot1x system-auth-control
4
Create a default authentication login list and use the RADIUS server for
port-based authentication for connected clients.
console(config)#aaa authentication dot1x default
radius
5
Allow the switch to accept VLAN assignments by the RADIUS server.
console(config)#aaa authorization network default
radius
6
Enter interface configuration mode for the downlink ports.
console(config)#interface range Gi1/0/1-23
7
Set the downlink ports to the access mode because each downlink port
connects to a single host that belongs to a single VLAN.
console(config-if)#switchport mode access