Filter
Top Products
288 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
3. Repeat step 3 on page 265 to step 12 on page 268, using the values listed in
Table 7-8 and Table 7-9. We used the names Healthy_L2IP_RAC and
Quarantine_L2IP_RAC.
Table 7-8 L2 IP Healthy RAC values
Table 7-9 L2 IP Quarantine RAC values
Note: These values are instead of the values listed previously, as opposed
to
in addition to.
Vendor Attribute Value
Cisco IOS/PIX 6.0 cisco-av-pair (1) status-query-timeout=30
Cisco IOS/PIX 6.0 cisco-av-pair (1) sec:pg=healthy_hosts
Cisco IOS/PIX 6.0 cisco-av-pair (1) url-redirect-acl=healthy_acl
IETF Session-Timeout (27) 3600
IETF Termination-Action (29) RADIUS-Request(1)
Vendor Attribute Value
Cisco IOS/PIX 6.0 cisco-av-pair (1) status-query-timeout=30
Cisco IOS/PIX 6.0 cisco-av-pair (1) sec:pg=quarantine_hosts
Cisco IOS/PIX 6.0 cisco-av-pair (1) url-redirect-acl=quarantine_acl
IETF Session-Timeout (27) 3600
IETF Termination-Action (29) RADIUS-Request(1)
Note: The name of the ACL specified in the url-redirect-acl attribute must be
configured on the switch. It is case-sensitive and must match exactly. If it does
not match, it will not function on the switch. The syntax of the ACL must be
identical also. We suggest using extended access lists.