DETAILED STEPS
PurposeCommand or Action
Enters the global configuration mode.configure terminal
Example:
Switch# configure terminal
Step 1
Enables AAA.aaa new-model
Example:
Switch(config)# aaa new-model
Step 2
Sets the conditions that determine when a RADIUS server is considered
un-available or down (dead).
radius-server dead-criteria{time seconds }
[tries number]
Step 3
Example:
Switch(config)# radius-server
• time— 1 to 120 seconds. The switch dynamically determines a
default seconds value between 10 and 60.
• number—1 to 100 tries. The switch dynamically determines a default
triesnumber between 10 and 100.
dead-criteria time 20 tries 10
(Optional) Sets the number of minutes during which a RADIUS server is
not sent requests. The range is from 0 to 1440 minutes (24 hours). The
default is 0 minutes.
radius-serverdeadtimeminutes
Example:
Switch(config)# radius-server deadtime
Step 4
60
(Optional) Configure the RADIUS server parameters by using these
keywords:
radius-server host ip-address
address[acct-port udp-port][auth-port
Step 5
udp-port] [testusername name[idle-time time]
• acct-portudp-port—Specify the UDP port for the RADIUS
accounting server. The range for the UDP port number is from 0 to
65536. The default is 1646.
[ignore-acct-port][ignore auth-port]] [key
string]
Example:
Switch(config)# radius-server host
• auth-portudp-port—Specify the UDP port for the RADIUS
authentication server. The range for the UDP port number is from 0
to 65536. The default is 1645.
1.1.1.2 acct-port 1550 auth-port
1560 test username user1 idle-time 30
You should configure the UDP port for the RADIUS
accounting server and the UDP port for the RADIUS
authentication server to nondefault values.
Note
key abc1234
• test usernamename—Enable automated testing of the RADIUS
server status, and specify the username to be used.
• idle-time time—Set the interval of time in minutes after which the
switch sends test packets to the server. The range is from 1 to 35791
minutes. The default is 60 minutes (1 hour).
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1384
How to Configure 802.1x Port-Based Authentication