Users Guide
14 Contents
Authentication . . . . . . . . . . . . . . . . . . . . . 275
Authentication Types
. . . . . . . . . . . . . . . 275
Authentication Manager
. . . . . . . . . . . . . 276
Using RADIUS. . . . . . . . . . . . . . . . . . . 281
Using TACACS+ Servers to Control
Management Access
. . . . . . . . . . . . . . . 286
Authentication Examples
. . . . . . . . . . . . . 288
Public Key SSH Authentication Example
. . . . . 296
Associating a User With an SSH Key
. . . . . . . 304
Authorization
. . . . . . . . . . . . . . . . . . . . . . 306
Exec Authorization Capabilities
. . . . . . . . . . 306
Authorization Examples
. . . . . . . . . . . . . . 308
RADIUS Change of Authorization
. . . . . . . . . 310
TACACS Authorization . . . . . . . . . . . . . . 314
Accounting . . . . . . . . . . . . . . . . . . . . . . . 318
RADIUS Accounting
. . . . . . . . . . . . . . . 318
IEEE 802.1X
. . . . . . . . . . . . . . . . . . . . . . . 320
What is IEEE 802.1X?
. . . . . . . . . . . . . . . 320
What are the 802.1X Port Authentication
Modes? . . . . . . . . . . . . . . . . . . . . . . 321
What is MAC-Based 802.1X Authentication?
. . . 322
What is the Role of 802.1X in VLAN
Assignment? . . . . . . . . . . . . . . . . . . . 323
What is Monitor Mode?
. . . . . . . . . . . . . . 326
How Does the Authentication Server Assign
DiffServ Policy? . . . . . . . . . . . . . . . . . . 327
What is the Internal Authentication Server?
. . . 328
Default 802.1X Values
. . . . . . . . . . . . . . . 328
Configuring IEEE 802.1X (Web) . . . . . . . . . . 329
Captive Portal . . . . . . . . . . . . . . . . . . . . . 354
Captive Portal Overview
. . . . . . . . . . . . . 354