EasyManuals Logo

Cisco Catalyst 3560-X User Manual

Cisco Catalyst 3560-X
1538 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #250 background imageLoading...
Page #250 background image
1-18
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-25303-03
Chapter 1 Configuring Switch-Based Authentication
Controlling Switch Access with RADIUS
Note For complete syntax and usage information for the commands used in this section, see the Cisco IOS
Security Command Reference, Release 12.4 and the Cisco IOS IPv6 Command Reference.
These sections contain this configuration information:
Understanding RADIUS, page 1-18
RADIUS Operation, page 1-19
RADIUS Change of Authorization, page 1-20
Configuring RADIUS, page 1-26
Displaying the RADIUS Configuration, page 1-39
Understanding RADIUS
RADIUS is a distributed client/server system that secures networks against unauthorized access.
RADIUS clients run on supported Cisco routers and switches. Clients send authentication requests to a
central RADIUS server, which contains all user authentication and network service access information.
The RADIUS host is normally a multiuser system running RADIUS server software from Cisco (Cisco
Secure Access Control Server Version 3.0), Livingston, Merit, Microsoft, or another software provider.
For more information, see the RADIUS server documentation.
Note We recommend a redundant connection between a switch stack and the RADIUS server. This is to help
ensure that the RADIUS server remains accessible in case one of the connected stack members is
removed from the switch stack.
Use RADIUS in these network environments that require access security:
Networks with multiple-vendor access servers, each supporting RADIUS. For example, access
servers from several vendors use a single RADIUS server-based security database. In an IP-based
network with multiple vendors’ access servers, dial-in users are authenticated through a RADIUS
server that has been customized to work with the Kerberos security system.
Turnkey network security environments in which applications support the RADIUS protocol, such
as in an access environment that uses a smart card access control system. In one case, RADIUS has
been used with Enigma’s security cards to validates users and to grant access to network resources.
Networks already using RADIUS. You can add a Cisco switch containing a RADIUS client to the
network. This might be the first step when you make a transition to a TACACS+ server. See
Figure 1-2 on page 1-19.
Network in which the user must only access a single service. Using RADIUS, you can control user
access to a single host, to a single utility such as Telnet, or to the network through a protocol such
as IEEE 802.1x. For more information about this protocol, see Chapter 1, “Configuring IEEE 802.1x
Port-Based Authentication.
Networks that require resource accounting. You can use RADIUS accounting independently of
RADIUS authentication or authorization. The RADIUS accounting functions allow data to be sent
at the start and end of services, showing the amount of resources (such as time, packets, bytes, and
so forth) used during the session. An Internet service provider might use a freeware-based version
of RADIUS access control and accounting software to meet special security and billing needs.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General IconGeneral
Enclosure TypeRack-mountable - 1U
SubtypeGigabit Ethernet
Ports48 x 10/100/1000 + 4 x SFP
Flash Memory64 MB
Power DeviceInternal power supply
Voltage RequiredAC 120/230 V (50/60 Hz)
Operating SystemCisco IOS
Device TypeSwitch
PerformanceSwitching capacity: 128 Gbps
Jumbo Frame SupportYes
Routing ProtocolRIP-1, RIP-2, EIGRP
Remote Management ProtocolSNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
FeaturesDHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant StandardsIEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
StackingStackable
Security FeaturesSSH, RADIUS, TACACS+
ManagementCLI
Dimensions (H x W x D)17.5 in
Operating Temperature32 to 113 °F (0 to 45 °C)
Humidity10 - 95% (non-condensing)

Related product manuals