Cisco Cisco Identity Services Engine 1.1 Prospecto
NEAT Configuration Example with Cisco Identity
Services Engine
Services Engine
Document ID: 116681
Contributed by Marcin Latosiewicz, Cisco TAC Engineer.
Nov 05, 2013
Nov 05, 2013
Contents
Introduction
Prerequisites
Requirements
Components Used
Configure
Network Diagram
Authenticator Switch Configuration
Supplicant Switch Configuration
ISE Configuration
Verify
Supplicant Switch Authentication to Authenticator Switch
Windows PC Authentication to Supplicant Switch
Removal of Authenticated Client from Network
Removal of Supplicant Switch
Ports Without dot1x on Supplicant Switch
Troubleshoot
Prerequisites
Requirements
Components Used
Configure
Network Diagram
Authenticator Switch Configuration
Supplicant Switch Configuration
ISE Configuration
Verify
Supplicant Switch Authentication to Authenticator Switch
Windows PC Authentication to Supplicant Switch
Removal of Authenticated Client from Network
Removal of Supplicant Switch
Ports Without dot1x on Supplicant Switch
Troubleshoot
Introduction
This document describes the configuration and behavior of Network Edge Authentication Topology (NEAT)
in a simple scenario. NEAT utilizes the Client Information Signalling Protocol (CISP) in order to propagate
client MAC addresses and VLAN information between supplicant and authenticator switches.
in a simple scenario. NEAT utilizes the Client Information Signalling Protocol (CISP) in order to propagate
client MAC addresses and VLAN information between supplicant and authenticator switches.
In this configuration example, both the authenticator switch (also called the authenticator) and supplicant
switch (also called the supplicant) perform 802.1x authentication; the authenticator authenticates the
supplicant, which, in turn, authenticates the testing PC.
switch (also called the supplicant) perform 802.1x authentication; the authenticator authenticates the
supplicant, which, in turn, authenticates the testing PC.
Prerequisites
Requirements
Cisco recommends that you have knowledge of the IEEE 802.1x authentication standard.
Components Used
The information in this document is based on these software and hardware versions:
Two Cisco Catalyst 3560 Series switches with Cisco IOS
®
Software, Release 12.2(55)SE8; one
switch acts as an authenticator, and the other acts as a supplicant.
•
Cisco Identity Services Engine (ISE), Release 1.2.
•