Cisco G XADCAIAS進行x身份驗證

上傳人：鼠*** IP屬地：上海上傳時間：2022-03-04 格式：DOCX 頁數(shù)：15 大?。?83.27KB 積分：20 舉報 版權(quán)申訴

已閱讀5頁，還剩10頁未讀，繼續(xù)免費閱讀

版權(quán)說明：本文檔由用戶提供并上傳，收益歸屬內(nèi)容提供方，若內(nèi)容存在侵權(quán)，請進行舉報或認(rèn)領(lǐng)

文檔簡介

1、Cisco 2950G 802.1X+AD+CA+IAS進行802.1x身份驗證要求：1. 交換機支持802.1X協(xié)議。2. 有一臺RADIUS服務(wù)器。3. 一臺客戶端。網(wǎng)絡(luò)拓?fù)洌候炞C方式：PEAP驗證：使用證書AD用戶集成認(rèn)證;環(huán)境：Operation System: Windows 2003 enterprise editionRadius Server: windows IA

2、S(Internet 驗證服務(wù)，windows組件中安裝) CA Server: Windows CA證書服務(wù)(windows組件中安裝)Radius Client: Windows自帶。（網(wǎng)絡(luò)連接->屬性->驗證），如果沒有“驗證”選項卡，則是相關(guān)服務(wù)沒有啟用。（開始->運行->services.msc->啟動” Wireless Zero Configuration”服務(wù)）配置：1. 安裝域，域名暫時定為：。過程略，查看相關(guān)文檔2.

3、; 安裝IIS(Internet信息服務(wù)),IAS,CA：控制面板>添加/刪除程序->安裝windows組件,如圖: 意先安裝IIS->CA->IAS,順序不能亂了.3. 配置CA:配置過程略,參考相關(guān)資料.4. CISCO 2950G-48-EI交換機配置:Building configuration. Current configuration : 4944 bytes!version 12.1no s

4、ervice padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Layer_4_2!aaa new-modelaaa authentication dot1x default group radiusaaa authorization network default group radius!ip subnet-zero!spanning-tree mode mstno spanning-tree optimize bpdu transmi

5、ssionspanning-tree extend system-iddot1x system-auth-control!interface FastEthernet0/1 switchport access vlan 6!interface FastEthernet0/1.1!interface FastEthernet0/2 switchport access vlan 6!interface FastEthernet0/3 switchport access vlan 6!interface FastEthernet0/4 switchport access vlan 6 spannin

6、g-tree portfast!interface FastEthernet0/5 switchport access vlan 6 spanning-tree portfast! interface FastEthernet0/6 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/7 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/8 switchport access vlan 6 spanning-t

7、ree portfast!interface FastEthernet0/9 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/10 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/11 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/12 switchport access vlan 6 spanning-tr

8、ee portfast!interface FastEthernet0/13 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/14 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/15 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/16 switchport access vlan 6 spanning-tr

9、ee portfast!interface FastEthernet0/17 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/18 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/19 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/20 switchport access vlan 6!interface F

10、astEthernet0/21 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/22 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/23 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/24 switchport access vlan 6 spanning-tree portfast!interface F

11、astEthernet0/25 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/26 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/27 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/28 switchport access vlan 6 spanning-tree portfast!interface F

12、astEthernet0/29 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/30 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/31 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/32 switchport access vlan 6 spanning-tree portfast!interface F

13、astEthernet0/33 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/34 switchport access vlan 7 spanning-tree portfast! interface FastEthernet0/35 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/36 switchport mode access dot1x port-control auto dot1x guest

14、-vlan 21 spanning-tree portfast!interface FastEthernet0/37 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/38 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/39 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/40 switchport acces

15、s vlan 7 spanning-tree portfast!interface FastEthernet0/41 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/42 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/43 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/44 switchport acces

16、s vlan 7 spanning-tree portfast!interface FastEthernet0/45 switchport access vlan 7 spanning-tree portfast! interface FastEthernet0/46 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/47 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/48 switchport acce

17、ss vlan 7 spanning-tree portfast!interface GigabitEthernet0/1 switchport mode trunk!interface GigabitEthernet0/2!interface Vlan1 no ip route-cache!interface Vlan6 no ip route-cache shutdown!interface Vlan7 no ip route-cache shutdown!ip http serverradius-server host auth-port 1812 acct-po

18、rt 1813 key testradius-server retransmit 3radius-server vsa send authentication!line con 0line vty 0 4!monitor session 1 source interface Fa0/1monitor session 1 destination interface Fa0/43end Layer_4_2#5. 配置IAS:a) 打開IAS:b) 新建立”RADIUS客戶端”: c) 新建訪問策略 d) 修改策略屬性6. 客戶端設(shè)置:a) &

人人文庫> 全部分類> 教育資料 > 課件下載

溫馨提示

1. 本站所有資源如無特殊說明，都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
2. 本站的文檔不包含任何第三方提供的附件圖紙等，如果需要附件，請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
3. 本站RAR壓縮包中若帶圖紙，網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽，若沒有圖紙預(yù)覽就沒有圖紙。
4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
5. 人人文庫網(wǎng)僅提供信息存儲空間，僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護處理，對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯，并不能對任何下載內(nèi)容負(fù)責(zé)。
6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容，請與我們聯(lián)系，我們立即糾正。
7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

Cisco G XADCAIAS進行x身份驗證

文檔簡介

溫馨提示

最新文檔

評論