DELL N3000 User Manual

Configuring Port and System Security

To configure the switch:

1 Configure the DiffServ traffic class that matches SSH traffic.

console#configure

console(config)#class-map match-all cl-ssh

console(config-classmap)#match srcl4port 23

console(config-classmap)#exit

2 Configure the DiffServ traffic class that matches HTTP traffic.

console(config)#class-map match-all cl-http

console(config-classmap)#match srcl4port 80

console(config-classmap)#exit

3 Configure the DiffServ policy.

console(config)#policy-map con-pol in

console(config-policy-map)#class cl-ssh

console(config-policy-classmap)#drop

console(config-policy-classmap)#exit

console(config-policy-map)#class cl-http

console(config-policy-classmap)#police-simple 

console(config-policy-classmap)#exit

console(config-policy-map)#exit

4 Enable DiffServ on the switch.

console(config)#diffserv

5 Configure information about the external RADIUS server the switch uses 

to authenticate clients. The RADIUS server IP address is 10.10.10.10, and 

the shared secret is qwerty123. 

console(config)#radius-server key qwerty123                    

console(config)#radius-server host 10.10.10.10

console(Config-auth-radius)#exit

6 Enable 802.1X on the switch. 

console(config)#dot1x system-auth-control

7 Create a default authentication login list and use the RADIUS server for 

port-based authentication for connected clients.