Switch Engine Locally Managed Sample Configuration

Generate, Download, and Apply the Certificate Files to the Switch

[Figure: generate certificate bundle for Switch Engine]

Apply the RADIUS/RadSec configuration to the switch. RADIUS accounting is optional, but it helps with immediate client disconnect notifications in UZTNA.

[Figure: apply the RADIUS/RadSec configuration to the switch]

Apply Netlogin/Policy Configuration to the Switch

  1. Configure the policy for dACL and VLAN authorization.

    # configure policy rule-model access-list

    # config policy vlanauth enable

    # config policy maptable response both

    # enable policy

  2. Configure netlogin for dot1x or MAC authentication and reauthentication (example on ports 1-5).

    # enable netlogin dot1x mac

    # configure netlogin authentication protocol-order dot1x mac web-based cep

    # enable netlogin ports 1-5 dot1x mac

    # configure netlogin add mac-list ff:ff:ff:ff:ff:ff 48

    # configure netlogin mac ports 1-5 timers reauthentication on
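
A way to check that the two steps above were applied to every intended access port, as an added example that is not part of the original page or any vendor tooling. It assumes the configuration text contains the commands in the form typed above, standalone port numbering (no slot:port notation), and a hypothetical `audit` helper; the sample input is constructed.

```python
import re

# Global commands from the steps above, in unabbreviated form.
REQUIRED_GLOBAL = [
    "configure policy rule-model access-list",
    "configure policy vlanauth enable",
    "configure policy maptable response both",
    "enable policy",
    "enable netlogin dot1x mac",
]

def normalize(line):
    """Drop the '# ' prompt and invisible characters, collapse spaces, expand 'config'."""
    line = re.sub(r"[\u200b\ufeff]", "", line).strip()
    line = re.sub(r"^#\s*", "", line)
    line = re.sub(r"\s+", " ", line)
    return re.sub(r"^config ", "configure ", line)

def expand_ports(spec):
    """Expand a standalone-switch port list such as '1-3,7' into a set of ints."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def audit(config_text, access_ports):
    """Return (missing global commands, ports without netlogin, ports without reauth)."""
    lines = [normalize(l) for l in config_text.splitlines() if l.strip()]
    missing = [c for c in REQUIRED_GLOBAL if c not in lines]
    enabled, reauth = set(), set()
    for l in lines:
        m = re.fullmatch(r"enable netlogin ports (\S+) dot1x mac", l)
        if m:
            enabled |= expand_ports(m.group(1))
        m = re.fullmatch(r"configure netlogin mac ports (\S+) timers reauthentication on", l)
        if m:
            reauth |= expand_ports(m.group(1))
    wanted = expand_ports(access_ports)
    return missing, sorted(wanted - enabled), sorted(wanted - reauth)

# Constructed sample: 'enable policy' is absent and port 5 was left out of netlogin.
SAMPLE = """\
# configure policy rule-model access-list
# config policy vlanauth enable
# config policy maptable response both
# enable netlogin dot1x mac
# enable netlogin ports 1-4 dot1x mac
# configure netlogin mac ports 1-5 timers reauthentication on
"""

if __name__ == "__main__":
    print(audit(SAMPLE, "1-5"))
```

A port reported in the second list would accept clients without dot1x or MAC authentication, so it is the finding to act on first.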