https://community.cisco.com/t5/network-access-control/per-user-acl-s-and-qos/m-p/659070#M422590 <P>I there !!1</P><P></P><P>I have a network that uses MS IAS for Radius auth in a wireless network. I'd like to setup 802.1x in all the switchs we have. The auth thing is simple (I hope). I've Found information on assigning user to a Vlan thru a radius response, but i'm trying to go beond that.</P><P></P><P>I'm trying to find if it's possible to use per user ACL's in 2950 Switches? </P><P>I've been searching, and I found DACL's, but all the nformation only points to PIX/ASA/Router products. Is it possible to use this in switches?? or theres something like his.</P><P></P><P>I Want to stop traffic in this switchs, so it doesn't clutter the network. And because a have several groups of users inside a master group, i.e.: I have TEachers and then inside that I have Mecanics Theachers, Computer ENG Teachers, ... You get the picture.. <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Is it possible and where can I find Information. (IOS version no problem, I'll buy the version needed)</P><P></P><P>Regards,</P><P></P><P>Rui Silva</P><P>Instituto Polit?cnico de Leiria</P><P>Portugal</P> Sun, 10 Mar 2019 21:48:37 GMT rui.silva 2019-03-10T21:48:37Z https://community.cisco.com/t5/network-access-control/per-user-acl-s-and-qos/m-p/659070#M422590 <P>I there !!1</P><P></P><P>I have a network that uses MS IAS for Radius auth in a wireless network. I'd like to setup 802.1x in all the switchs we have. The auth thing is simple (I hope). I've Found information on assigning user to a Vlan thru a radius response, but i'm trying to go beond that.</P><P></P><P>I'm trying to find if it's possible to use per user ACL's in 2950 Switches? </P><P>I've been searching, and I found DACL's, but all the nformation only points to PIX/ASA/Router products. Is it possible to use this in switches?? or theres something like his.</P><P></P><P>I Want to stop traffic in this switchs, so it doesn't clutter the network. And because a have several groups of users inside a master group, i.e.: I have TEachers and then inside that I have Mecanics Theachers, Computer ENG Teachers, ... You get the picture.. <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Is it possible and where can I find Information. (IOS version no problem, I'll buy the version needed)</P><P></P><P>Regards,</P><P></P><P>Rui Silva</P><P>Instituto Polit?cnico de Leiria</P><P>Portugal</P> Sun, 10 Mar 2019 21:48:37 GMT https://community.cisco.com/t5/network-access-control/per-user-acl-s-and-qos/m-p/659070#M422590 rui.silva 2019-03-10T21:48:37Z https://community.cisco.com/t5/network-access-control/per-user-acl-s-and-qos/m-p/659071#M422591 <HTML><HEAD></HEAD><BODY><P>he following example shows that per-user QoS is being configured using the AAA policy name "policy_class_1_2":</P><P></P><P>class-map match-all class1 </P><P> match access-group 101 </P><P>class-map match-all class2 </P><P> match qos-group 4 </P><P> match access-group 101 </P><P>policy-map policy_class_1_2 </P><P> class class1 </P><P> bandwidth 3000 </P><P> queue-limit 30 </P><P> class class2 </P><P> bandwidth 2000</P><P> class class-default </P><P> bandwidth 500 </P><P>peruser_qos_1 Password = "lab" </P><P> Service-Type = Framed, </P><P> Framed-Protocol = PPP, </P><P> Cisco:Cisco-avpair = "ip:sub-policy-In=ssspolicy"</P><P>!ssspolicy in the above line is the name of the policy.</P><P>peruser_qos_2 Password = "lab" </P><P> Service-Type = Framed, </P><P> Framed-Protocol = PPP, </P><P> Cisco:Cisco-avpair = "ip:sub-policy-Out=ssspolicy" </P></BODY></HTML> Tue, 31 Oct 2006 17:36:52 GMT https://community.cisco.com/t5/network-access-control/per-user-acl-s-and-qos/m-p/659071#M422591 sbilgi 2006-10-31T17:36:52Z