From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Mon Oct 10 2005 - 13:22:59 GMT-3
Lee,
Yes you can do local 802.1x authentication if you have the
version support:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_
guide09186a00802114d8.html
For a simpler solution you may look at dynamic access-lists and
have the admins just authenticate to the router via telnet:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
fsecur_c/ftrafwl/scflock.htm
Authentication proxy is another option but AFAIK you'd need a
radius or tacacs server for that.
HTH,
Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> Lee Gillespie
> Sent: Monday, October 10, 2005 9:48 AM
> To: 'Group Study'
> Subject: Port Security
>
> I have a 2800 router and I need to secure the Ethernet
> port. Basically, this router is going to be at a
> remote, unsecured, site. Technicians on occasion may
> need to connect a laptop to this router and connect to
> the network. The 2800 doesn't have a switching module
> in it, just the two standard fastethernet ports. Is it
> possible to configure 802.1x on one of these ethernet
> ports and authenticate locally?
>
>
>
>
> __________________________________
> Yahoo! Mail - PC Magazine Editors' Choice 2005
> http://mail.yahoo.com
>
>
This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:50 GMT-3