Manualshelf

White Paper

ManualsBrandsCisco ManualsSwitchesCisco Catalyst 3650-48TD-E Switch
12345678910
© 2015 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information
Page 9 of 19
White Paper
Local Web Authentication (LWA) with 550 bytes redirect URL - URL redirected
25 domain names in Fully Qualified Domain Name (FQDN) list
2000 Authenticated sessions with 2000 HTTP/HTTPS requests
Re-authenticate 2000 sessions with re-auth timer
Simulate continuous Dot1X Authentication failure (~500 sessions with correct
credentials) for 8 hours on Access Reject with 10 sec re-authentication timeout.
Simulate continuous Dot1X Authentication failure (~500 sessions with in-correct
credentials) for 8 hours on Access Reject with 10 sec re-authentication timeout.
Simulate continuous Dot1X Authentication failure (~500 sessions) for 8 hours due to no
response from Radius server.
Simulate continuous switching between Critical Auth and Radius Auth by making AAA
sever reachable and un-reachable for 8 hours
Simulate continuous Authentication failure due to missing and/or wrong Cisco AV-pair in
Radius response for 8 hours
Simulate continuous Authorization failure due to fail to apply VLAN policy (VLAN is
disabled on switch) for 8 hours
Simulate continuous Authorization failure due to fail to apply DACL/Filter-Id policy (ISE
sends in-correct ACE in DACL) for 8 hours
Simulate continuous Authorization policy replace and replace all (AAA attribute) for valid
authorization for 8 hours
Simulate continuous wired Authorization policy merge (AAA attribute) for valid
authorization for 8 hours
Simulate Extensible Authentication Protocol over LAN (EAPOL) at 1000 PPS for 8 hrs
Simulate HTTP/HTTPS request from PCs for 2000 users with missing credentials
(username and/or password) for 8 hours
Send HTTP/HTTPS request from Andriod and Apple device with missing credentials
(username and/or password) for 8 hours
Simulate continuous wireless HTTP/HTTPS Webauth Authentication incomplete due to
no response from external webserver for 8 hours
Clear session (IP admission cache) and shut WLAN with 2000 wireless Webauth
HTTP/HTTPS sessions
Clear sessions after converting Legacy Webauth to eEdge mode on all ports
Bring-up 2000 sessions and perform re-auth for all sessions
Continuously flap link with 500 Dot1X and MAB sessions for 8 hours
Simulate incomplete Dot1X authentication (no response from Client for Radius-
Challenge) for 8 hours
Simulate 100 Dot1X and MAB sessions with member ports and perform 20 switchover
Simulate 100 wireless Webauth sessions with member ports and perform 20 switchover
Simulate bulk MAB (phone) and Dot1X (PC) login and logout
Bring up 2000 Dot1X sessions at 100 CPS on 192 ports