Administrator Guide
Contents 13
Authentication . . . . . . . . . . . . . . . . . . . . . . 235
Authentication Types
. . . . . . . . . . . . . . . . 235
Authentication Manager
. . . . . . . . . . . . . . 236
Using RADIUS . . . . . . . . . . . . . . . . . . . 241
Using TACACS+ Servers to Control
Management Access
. . . . . . . . . . . . . . . . 246
Authentication Examples . . . . . . . . . . . . . . 248
Public Key SSH Authentication Example
. . . . . . 256
Associating a User With an SSH Key
. . . . . . . 263
Authorization
. . . . . . . . . . . . . . . . . . . . . . . 265
Exec Authorization Capabilities
. . . . . . . . . . 265
Authorization Examples
. . . . . . . . . . . . . . . 267
RADIUS Change of Authorization. . . . . . . . . . 269
TACACS Authorization
. . . . . . . . . . . . . . . 273
Accounting
. . . . . . . . . . . . . . . . . . . . . . . . 277
RADIUS Accounting
. . . . . . . . . . . . . . . . 277
IEEE 802.1X . . . . . . . . . . . . . . . . . . . . . . . . 279
What is IEEE 802.1X?
. . . . . . . . . . . . . . . . 279
What are the 802.1X Port Authentication
Modes? . . . . . . . . . . . . . . . . . . . . . . . 280
What is MAC-Based 802.1X Authentication?
. . . 281
What is the Role of 802.1X in VLAN
Assignment? . . . . . . . . . . . . . . . . . . . . 282
What is Monitor Mode?
. . . . . . . . . . . . . . 285
How Does the Authentication Server Assign
DiffServ Policy? . . . . . . . . . . . . . . . . . . . 286
What is the Internal Authentication Server?
. . . . 287
Default 802.1X Values. . . . . . . . . . . . . . . . 287
Configuring IEEE 802.1X (Web)
. . . . . . . . . . . 288
Captive Portal
. . . . . . . . . . . . . . . . . . . . . . 313
Captive Portal Overview
. . . . . . . . . . . . . . 313
Default Captive Portal Behavior and Settings
. . . 321