思科eou配置

aaa new-model
aaa group server radius dot1x
 server 134.160.148.85 auth-port 1812 acct-port 1813
 server-private 134.160.148.85 auth-port 1812 acct-port 1813 key 123456
!
aaa authentication login default line
aaa authentication eou default group dot1x
aaa authorization network default local
aaa accounting network default none
!

ip admission name nac eapoudp
!
ip device tracking probe count 2
ip device tracking probe interval 60
ip device tracking
!
!

eou allow clientless

interface GigabitEthernet0/16
 switchport mode access
 ip access-group NAC in
 eou allow clientless
 ip admission nac

ip access-list extended NAC
 permit udp any any eq 21862
 permit udp any eq bootpc any eq bootps
 permit udp any any eq domain
 deny   icmp any any
 deny   ip any any

ip access-list extended url-redirect-acl
 permit tcp any any eq www

radius-server host 134.160.148.85 auth-port 1812 acct-port 1813 key 123456
radius-server source-ports 1645-1646
radius-server vsa send authentication