11-16-2024 11:33 AM
Dear experts,
We are moving from ISE to Forescout. I need the Cisco switch AAA configuration (global & interface) for the following scenario:
1. Limited access for the endpoint while it is authenticating.
2. If host authentication is successful and the further compliance check by Forescout is passed, the host receives a CoA from the RADIUS server that moves it to the full-access ACL.
If the compliance check fails, the host remains in the limited ACL for remediation.
11-16-2024 02:48 PM
Your switch config will most likely stay the same, assuming that you have the same functionality configured today. You will however have to define new radius server groups. See the following documentation for this: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9200/software/release/17-12/configuration_guide/sec/b_1712_sec_9200_cg/configuring_radius.html
If you post the output of "show run aaa" here, we will be able to help you further (remember to remove any sensitive data!).
11-17-2024 03:57 AM
aaa authentication login AUTHENXX group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authentication dot1x default group loc1FO
aaa authentication username-prompt Local_Username:
aaa authentication password-prompt Local_Password:
aaa authentication attempts login 5
aaa authorization exec default group tacacs+ local
aaa authorization exec console local
aaa authorization exec AUTHOR-XX group tacacs+ local if-authenticated
aaa authorization network default group loc1FO
aaa authorization commands 0 console none
aaa authorization commands 0 AUTHOR-XX group tacacs+ local if-authenticated
aaa authorization commands 15 console none
aaa authorization commands 15 AUTHOR-XX group tacacs+ local if-authenticated
aaa authorization config-commands
aaa accounting exec default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting dot1x default start-stop group loc1FO
aaa accounting delay-start all
aaa accounting update newinfo periodic 1440
!
! CoA listener: the RADIUS servers allowed to send Change-of-Authorization requests to this switch
aaa server radius dynamic-author
client rad1 server-key xxx
client rad2 server-key xxx
client rad3 server-key xxx
!
!
radius server loc1
address ipv4 rad1 auth-port 1812 acct-port 1813
!
radius server loc2
address ipv4 rad2 auth-port 1812 acct-port 1813
!
radius server loc1DR
address ipv4 rad3 auth-port 1812 acct-port 1813
!
radius-server dead-criteria time 30 tries 3
!
aaa group server radius loc1FO
server name loc1
server name loc2
server name loc1DR
!
!
!
aaa new-model
aaa session-id common
!
!
! Access port: MAB is tried first, dot1x wins if both succeed; multi-auth authenticates each data and voice device separately
interface GigabitEthernet1/0/2
description ### Data & Voice ###
switchport access vlan 403
switchport mode access
switchport voice vlan 455
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
mab
dot1x pae authenticator
dot1x timeout tx-period 10
dot1x max-req 3
dot1x max-reauth-req 3
spanning-tree portfast
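The scenario from the first post, as an added example that is not from either reply and not Cisco or Forescout documentation: a pre-authentication port ACL that gives the endpoint only what it needs while dot1x/MAB run and while the compliance check is still pending, and a downloadable ACL (dACL) that the RADIUS server applies by CoA once the check passes. The posted interface runs dot1x/MAB in closed mode with no port ACL, so requirement 1 is not met by it as shown. Assumptions, all hypothetical: the Forescout appliance is reachable at 10.10.10.10, the switch is a Catalyst on IOS-XE (on classic IOS the device-tracking policy below is replaced by the global "ip device tracking"), the existing "loc1FO" server group and "dynamic-author" clients are reused, and the legacy "authentication ..." interface syntax is kept to match the posted port.

```cisco
! Added example, not part of the original posts. Addresses and names are assumptions.
!
! 1. Global prerequisites for dACLs: the switch has to learn the endpoint IP
!    (device tracking) to rewrite "any" in a downloaded ACL, and has to send the
!    Cisco VSAs so the server can return "ip:inacl" AV-pairs.
dot1x system-auth-control
device-tracking policy FORESCOUT-DT
 tracking enable
!
radius-server vsa send authentication
radius-server vsa send accounting
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
!
! CoA listener as already posted; the CoA-Request must come from one of these
! addresses with the matching key, otherwise the switch silently drops it.
aaa server radius dynamic-author
 client rad1 server-key xxx
 client rad2 server-key xxx
 client rad3 server-key xxx
 auth-type any
!
! 2. Limited access before (and without) a full authorization. This port ACL is
!    in effect from link-up until a dACL for the host replaces it: DHCP, DNS and
!    the Forescout appliance (assumed 10.10.10.10) only, everything else denied.
!    A host that fails the compliance check simply never gets the dACL and so
!    stays on this ACL for remediation.
ip access-list extended PRE-AUTH
 permit udp any eq bootpc any eq bootps
 permit udp any any eq domain
 permit ip any host 10.10.10.10
 deny   ip any any
!
! 3. Interface: "authentication open" lets traffic matching PRE-AUTH through
!    while dot1x/MAB are still running; the dACL that arrives later is applied
!    per host on top of the port ACL.
interface GigabitEthernet1/0/2
 description ### Data & Voice ###
 switchport access vlan 403
 switchport mode access
 switchport voice vlan 455
 ip access-group PRE-AUTH in
 device-tracking attach-policy FORESCOUT-DT
 authentication host-mode multi-auth
 authentication open
 authentication order mab dot1x
 authentication priority dot1x mab
 authentication port-control auto
 authentication periodic
 mab
 dot1x pae authenticator
 dot1x timeout tx-period 10
 dot1x max-req 3
 dot1x max-reauth-req 3
 spanning-tree portfast
!
! 4. What the RADIUS side sends after the compliance check passes. Either a
!    CoA-Request that carries the dACL directly, or a CoA with
!      cisco-avpair = "subscriber:command=reauthenticate"
!    which makes the switch re-run the session and pick up the dACL from the
!    new Access-Accept. In both cases the attribute that ends up on the session is
!      cisco-avpair = "ip:inacl#1=permit ip any any"
!    The switch replaces the source "any" with the tracked host IP, so the dACL
!    only ever widens access for that one endpoint, not for the whole port.
!    Verify the applied ACL per session with:
!      show access-session interface GigabitEthernet1/0/2 details
!      show ip access-lists
```

If the CoA is rejected, "debug radius dynamic-author" on the switch shows whether the request came from an address or key the dynamic-author block does not list; that, and a missing device-tracking entry for the host, are the two usual reasons a dACL never shows up in "show access-session ... details".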