Skip to content

TechRepublic

  • Top Products Lists
  • Developer
  • 5G
  • Security
  • Cloud
  • Artificial Intelligence
  • Tech & Work
  • Mobility
  • Big Data
  • Innovation
  • Cheat Sheets
  • TechRepublic Academy
  • CES
  • TechRepublic Premium
  • Top Products Lists
  • Developer
  • 5G
  • Security
  • Cloud
  • Artificial Intelligence
  • Tech & Work
  • Mobility
  • Big Data
  • Innovation
  • Cheat Sheets
  • TechRepublic Academy
  • CES
  • See All Topics
  • Sponsored
  • Newsletters
  • Forums
  • Resource Library
TechRepublic Premium
Join / Sign In
Networking

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

By brandoncarroll April 12, 2011, 11:22 PM PDT

Image
1
of 17

Screen_shot_2011-04-12_at_1.52.39_PM.jpg
Screen_shot_2011-04-12_at_1.52.39_PM.jpg
How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Log in to ACS

Log in to ACS

ntTo log in to the ACS server (I’m assuming its already running on the network) you can browse to the IP address or name of the server.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Navigate to Network Resources | Network Devices and AAA Clients

Navigate to Network Resources | Network Devices and AAA Clients

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Select the switch you are working with

Select the switch you are working with

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Add a user

Add a user

ntBrowse to Users and Identity Stores | Internal Identity Stores |Users.

n

ntOnce there, click the Create button on the bottom and add your users. I’ve added a user with the name bcarroll.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Create a device filter

Create a device filter

ntNavigate to Policy Elements | Session Conditions | Network Conditions | Device Filtersand click Create.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Add the Device Name

Add the Device Name

ntNow add the device name by selecting the Device Name tab and again clicking Create. This part can cause some issues. If you are not allowing pop-ups it may appear that nothing happens. In my case, I had to switch from a Safari browser to a Firefox browser.

n

ntOnce the pop-up appears you will see an empty form box to add the device to. You can’t type in the box, rather you click the Select button and select the device from the list.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Select the device

Select the device

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Switch is now added to list

Switch is now added to list

ntOnce your switch is selected you will click ok  a few times until you get back to the main ACS page and the switch is reflected in the list.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Create authorization profiles by department

Create authorization profiles by department

ntBrowse to Policy Elements | Authorization and Permissions | Network Access | Authorization Profiles.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Authorization profile page for HR Vlan

Authorization profile page for HR Vlan

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Define profile attributes

Define profile attributes

ntIn the example, I’ve defined a few attributes for HR, specifically:

n

    nt

  • nttTunnel-Type
  • nt

  • nttTunnel-Medium-Type
  • nt

  • nttTunnel-Private-Group-ID
  • n

n

ntYou have to define attributes for each profile separately.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Create an Access Service

Create an Access Service

ntNavigate to Access Policies | Access Services. I’ve done a User Selected Service Type of Network Access and left the default selections of Identity and Authorization. At the bottom of the page, click Next.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Allowed Protocols

Allowed Protocols

ntThis is where you select the protocol you want to use., I am going to use EAP-MD5. Once you select your protocol, click Finish.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Confirm Service Selection

Confirm Service Selection

ntNext, you should see a pop-up asking if you want to modify the Service Selection policy to activate the server. You want to answer Yes here. This will then take you to the rules page.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Customize Rules

Customize Rules

ntOn the Rules page click Customize and add Device Filter to the right hand menu. If it’s not there, you will not see it as a condition.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

View Conditions for rule

View Conditions for rule

ntAnd now when you add or modify Rule-1, you should see the conditions. You’re now done on ACS.

How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

Edit Windows adapter for MD5 Challenge

Edit Windows adapter for MD5 Challenge

ntFinally edit your Windows adapter to enable 802.1x authentication and select MD5 Challenge. You’ll get a little balloon window to authenticate the next time you connect that host to the port configured for 802.1x.

  • Networking
  • Account Information

    Share with Your Friends

    How to configure ACS 5.2 for 802.1x authentication on a Cisco switch

    Your email has been sent

Share: How to configure ACS 5.2 for 802.1x authentication on a Cisco switch
Image of brandoncarroll
By brandoncarroll
Brandon Carroll has been in the industry since the late 90s specializing in data networking and network security in the enterprise and data center. Brandon holds the CCIE in security and is a published author in network security.
  • Account Information

    Contact brandoncarroll

    Your message has been sent

  • |
  • See all of brandoncarroll's content

TechRepublic Premium

  • TechRepublic Premium

    Shadow IT policy

    Shadow IT is a concept whereby an organization’s employees use technology, services or systems without the knowledge of or approval from the IT department. It has arisen due to several reasons: Advances in cloud computing, which involve the usage of applications or sharing of data in public environments previously owned by IT. The evolution of ...

    Published:  February 2, 2023, 11:00 AM EST Modified:  February 3, 2023, 2:00 PM EST Read More See more TechRepublic Premium
  • TechRepublic Premium

    Auditing and logging policy

    Auditing and logging are essential measures for protecting mission-critical systems and troubleshooting problems. This policy outlines the appropriate auditing and logging procedures for computer systems, networks and devices that store or transport critical data. From the policy: Many computer systems, network devices and other technological hardware used in the enterprise can audit and log various ...

    Published:  February 2, 2023, 11:00 AM EST Modified:  February 3, 2023, 3:00 PM EST Read More See more TechRepublic Premium
  • TechRepublic Premium

    Vendor contract renewal planner

    Determining how and when to renew support contracts can be tedious and time-consuming. Our vendor contract renewal planner will help you schedule support renewals and budget the related costs. From the planner: Some companies schedule their support contract renewals to take effect all at once, such as on January 1. This provides a convenient renewal ...

    Published:  February 1, 2023, 11:00 AM EST Modified:  February 2, 2023, 12:00 PM EST Read More See more TechRepublic Premium
  • TechRepublic Premium

    Access management policy

    Without appropriate access management controls, businesses are at significant risk from the loss or theft of both physical and digital assets. Access management controls establish who is allowed the appropriate level of access in order to do their jobs, while reducing the potential for damage or harm to the company. The purpose of this policy ...

    Downloads
    Published:  February 1, 2023, 11:00 AM EST Modified:  February 2, 2023, 4:00 PM EST Read More See more TechRepublic Premium

Services

  • About Us
  • Newsletters
  • RSS Feeds
  • Site Map
  • Site Help & Feedback
  • FAQ
  • Advertise
  • Do Not Sell My Information

Explore

  • Downloads
  • TechRepublic Forums
  • Meet the Team
  • TechRepublic Academy
  • TechRepublic Premium
  • Resource Library
  • Photos
  • Videos
  • TechRepublic
  • TechRepublic on Twitter
  • TechRepublic on Facebook
  • TechRepublic on LinkedIn
  • TechRepublic on Flipboard
© 2023 TechnologyAdvice. All rights reserved.
  • Privacy Policy
  • Terms of Use
  • Property of TechnologyAdvice