Ruijie Community

Title: Network Switch NAC [Print this page]

---

Author: alfred_ph_wong@    Time: 2021-10-20 15:37
Title: Network Switch NAC
Dear Expertise ,

I have the project to enhance the security on the switch , and find one of the site using the the Ruijie RG-S2952G-E (48-Port) switch.  I plan to deploy the Cisco Identity Service Engine for the switch enable the  Network Access Control  802.1X layer 2. The first step I need to enrol the switch to the ISE server , configure the aaa model and NAC on the switch.  The below command is for the Cisco

aaa new-model
aaa authentication login default local
aaa authentication dot1x default group DoHISE
aaa authorization exec default local
aaa authorization network default group DoHISE
!
aaa group server radius DoHISE
server-private 10.13.253.200 key 0 xxxxxx            ## ISE server
server-private 10.13.30.72  key 0 xxxxxxxx            #   ISE server
ip radius source-interface Vlanx                           
deadtime 1

!
dot1x system-auth-control
dot1x guest-vlan supplicant



NAC
interface Gi1/0/1
authentication event fail action next-method
authentication event server dead action authorize vlan 1
authentication event server alive action reinitialize
authentication port-control auto
authentication timer restart 3600
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
dot1x timeout supp-timeout 10


May I know if these command can apply on the Ruijie RG-S2952G-E?

Thank you

---

Author: GTAC-Daisy    Time: 2021-10-21 11:16
Dear Alfred,

For the 802.1x auh on switch, please refer to the following guide
https://www.ruijienetworks.com/s ... 6-869a-dfa9d6919e77

---

Author: sarahroxon6@gma    Time: 2022-1-21 23:45
A great tutorial and now I found a way to solve the problem I was having.
slope game

---

Welcome to Ruijie Community (https://community.ruijienetworks.com/)

Powered by Discuz! X3.2