beautypg.com

IBM Tivoli and Cisco User Manual

Page 313

background image

Chapter 7. Network enforcement subsystem implementation

295

allow Web access and DNS access in case of manual remediation
requirements or access to the intranet Web pages for help.

On the 3750 switch, enter the following verification command:

show dot1x interface fa1/0/5 detail

nac3750sa#sho dot1x interface fa1/0/5 detail

Dot1x Info for FastEthernet1/0/5
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = SINGLE_HOST
ReAuthentication = Enabled
QuietPeriod = 60
ServerTimeout = 30
SuppTimeout = 30
ReAuthPeriod = (From Authentication Server)
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
RateLimitPeriod = 0
Guest-Vlan = 15

Dot1x Authenticator Client List
-------------------------------
Supplicant = 0011.25ce.f56c
Auth SM State = AUTHENTICATED
Auth BEND SM Stat = IDLE

Port Status = AUTHORIZED
ReAuthPeriod = 60
ReAuthAction = Reauthenticate
TimeToNextReauth = 59
Authentication Method = Dot1x
Posture = Quarantine
Authorized By = Authentication Server
Vlan Policy = 13

A full NAC Framework documentation reference guide can be found at:

http://www.cisco.com/en/US/partner/netsol/ns617/networking_solutions_
documentation_roadmap09186a008066499c.html

Configuring Cisco 3750 switch for NAC L2 IP

See “Configuring Cisco 3750 switch for NAC L2 802.1x” on page 292 for
prerequisites.

See also other documents in the category IBM Hardware: