Cisco G XADCAIAS進(jìn)行x身份驗(yàn)證_第1頁(yè)
Cisco G XADCAIAS進(jìn)行x身份驗(yàn)證_第2頁(yè)
Cisco G XADCAIAS進(jìn)行x身份驗(yàn)證_第3頁(yè)
Cisco G XADCAIAS進(jìn)行x身份驗(yàn)證_第4頁(yè)
Cisco G XADCAIAS進(jìn)行x身份驗(yàn)證_第5頁(yè)
已閱讀5頁(yè),還剩10頁(yè)未讀 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說(shuō)明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

1、Cisco 2950G 802.1X+AD+CA+IAS進(jìn)行802.1x身份驗(yàn)證要求:1.       交換機(jī)支持802.1X協(xié)議。2.       有一臺(tái)RADIUS服務(wù)器。3.       一臺(tái)客戶端。網(wǎng)絡(luò)拓?fù)洌候?yàn)證方式:PEAP驗(yàn)證:使用證書AD用戶集成認(rèn)證;環(huán)境:Operation System: Windows 2003 enterprise editionRadius Server: windows IA

2、S(Internet 驗(yàn)證服務(wù),windows組件中安裝) CA Server: Windows CA證書服務(wù)(windows組件中安裝)Radius Client: Windows自帶。(網(wǎng)絡(luò)連接->屬性->驗(yàn)證),如果沒有“驗(yàn)證”選項(xiàng)卡,則是相關(guān)服務(wù)沒有啟用。(開始->運(yùn)行->services.msc->啟動(dòng)” Wireless Zero Configuration”服務(wù))配置:1.       安裝域,域名暫時(shí)定為:。過(guò)程略,查看相關(guān)文檔2.     

3、;  安裝IIS(Internet信息服務(wù)),IAS,CA:控制面板>添加/刪除程序->安裝windows組件,如圖: 意先安裝IIS->CA->IAS,順序不能亂了.3.       配置CA:配置過(guò)程略,參考相關(guān)資料.4.       CISCO 2950G-48-EI交換機(jī)配置:Building configuration. Current configuration : 4944 bytes!version 12.1no s

4、ervice padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Layer_4_2!aaa new-modelaaa authentication dot1x default group radiusaaa authorization network default group radius!ip subnet-zero!spanning-tree mode mstno spanning-tree optimize bpdu transmi

5、ssionspanning-tree extend system-iddot1x system-auth-control!interface FastEthernet0/1 switchport access vlan 6!interface FastEthernet0/1.1!interface FastEthernet0/2 switchport access vlan 6!interface FastEthernet0/3 switchport access vlan 6!interface FastEthernet0/4 switchport access vlan 6 spannin

6、g-tree portfast!interface FastEthernet0/5 switchport access vlan 6 spanning-tree portfast! interface FastEthernet0/6 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/7 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/8 switchport access vlan 6 spanning-t

7、ree portfast!interface FastEthernet0/9 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/10 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/11 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/12 switchport access vlan 6 spanning-tr

8、ee portfast!interface FastEthernet0/13 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/14 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/15 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/16 switchport access vlan 6 spanning-tr

9、ee portfast!interface FastEthernet0/17 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/18 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/19 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/20 switchport access vlan 6!interface F

10、astEthernet0/21 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/22 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/23 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/24 switchport access vlan 6 spanning-tree portfast!interface F

11、astEthernet0/25 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/26 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/27 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/28 switchport access vlan 6 spanning-tree portfast!interface F

12、astEthernet0/29 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/30 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/31 switchport access vlan 6 spanning-tree portfast!interface FastEthernet0/32 switchport access vlan 6 spanning-tree portfast!interface F

13、astEthernet0/33 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/34 switchport access vlan 7 spanning-tree portfast! interface FastEthernet0/35 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/36 switchport mode access dot1x port-control auto dot1x guest

14、-vlan 21 spanning-tree portfast!interface FastEthernet0/37 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/38 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/39 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/40 switchport acces

15、s vlan 7 spanning-tree portfast!interface FastEthernet0/41 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/42 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/43 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/44 switchport acces

16、s vlan 7 spanning-tree portfast!interface FastEthernet0/45 switchport access vlan 7 spanning-tree portfast! interface FastEthernet0/46 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/47 switchport access vlan 7 spanning-tree portfast!interface FastEthernet0/48 switchport acce

17、ss vlan 7 spanning-tree portfast!interface GigabitEthernet0/1 switchport mode trunk!interface GigabitEthernet0/2!interface Vlan1 no ip route-cache!interface Vlan6 no ip route-cache shutdown!interface Vlan7 no ip route-cache shutdown!ip http serverradius-server host auth-port 1812 acct-po

18、rt 1813 key testradius-server retransmit 3radius-server vsa send authentication!line con 0line vty 0 4!monitor session 1 source interface Fa0/1monitor session 1 destination interface Fa0/43end Layer_4_2#5.       配置IAS:a)         打開IAS:b)         新建立”RADIUS客戶端”:   c)         新建訪問策略 d)         修改策略屬性6.       客戶端設(shè)置:a)     &

溫馨提示

  • 1. 本站所有資源如無(wú)特殊說(shuō)明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁(yè)內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫(kù)網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

評(píng)論

0/150

提交評(píng)論