EasyManuals Logo

Cisco Catalyst 250 Series User Manual

Cisco Catalyst 250 Series
498 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #353 background imageLoading...
Page #353 background image
PurposeCommand or Action
Enables AAA.aaa new-model
Example:
Switch(config)# aaa new-model
Step 2
Sets the conditions that determine when a RADIUS server is considered
un-available or down (dead).
radius-server dead-criteria{time seconds }
[tries number]
Step 3
Example:
Switch(config)# radius-server
• time— 1 to 120 seconds. The switch dynamically determines a
default seconds value between 10 and 60.
• number—1 to 100 tries. The switch dynamically determines a default
triesnumber between 10 and 100.
dead-criteria time 20 tries 10
(Optional) Sets the number of minutes during which a RADIUS server is
not sent requests. The range is from 0 to 1440 minutes (24 hours). The
default is 0 minutes.
radius-serverdeadtimeminutes
Example:
Switch(config)# radius-server deadtime
Step 4
60
(Optional) Configure the RADIUS server parameters by using these
keywords:
radius-server host ip-address
address[acct-port udp-port][auth-port
Step 5
udp-port] [testusername name[idle-time time]
• acct-portudp-port—Specify the UDP port for the RADIUS
accounting server. The range for the UDP port number is from 0 to
65536. The default is 1646.
[ignore-acct-port][ignore auth-port]] [key
string]
Example:
Switch(config)# radius-server host
• auth-portudp-port—Specify the UDP port for the RADIUS
authentication server. The range for the UDP port number is from 0
to 65536. The default is 1645.
1.1.1.2 acct-port 1550 auth-port
1560 test username user1 idle-time 30
You should configure the UDP port for the RADIUS
accounting server and the UDP port for the RADIUS
authentication server to nondefault values.
Note
key abc1234
• test usernamename—Enable automated testing of the RADIUS
server status, and specify the username to be used.
• idle-time time—Set the interval of time in minutes after which the
switch sends test packets to the server. The range is from 1 to 35791
minutes. The default is 60 minutes (1 hour).
• ignore-acct-port—Disable testing on the RADIUS-server accounting
port.
• ignore-auth-port—Disable testing on the RADIUS-server
authentication port.
•
For keystring, specify the authentication and encryption key used
between the switch and the RADIUS daemon running on the
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
OL-29048-01 329
Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Inaccessible Authentication Bypass with Critical Voice VLAN

Table of Contents

Other manuals for Cisco Catalyst 250 Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 250 Series and is the answer not in the manual?

Cisco Catalyst 250 Series Specifications

General IconGeneral
BrandCisco
ModelCatalyst 250 Series
CategorySwitch
LanguageEnglish

Related product manuals