EasyManua.ls Logo

Cisco Catalyst 4500 Series - Defining AAA Server Groups

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
49-107
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 49 Configuring 802.1X Port-Based Authentication
Controlling Switch Access with RADIUS
To disable AAA, use the no aaa new-model global configuration command. To disable AAA authentication, use the no aaa
authentication login {default | list-name} method1 [method2...] global configuration command. To either disable RADIUS
authentication for logins or to return to the default value, use the no login authentication {default | list-name} line
configuration command.
Note To secure the switch for HTTP access by using AAA methods, you must configure the switch with the
ip http authentication aaa global configuration command. Configuring AAA authentication does not
secure the switch for HTTP access by using AAA methods.
For more information about the ip http authentication command, see the Cisco IOS Security Command
Reference, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2
Mainline > Command References.
Defining AAA Server Groups
You can configure the switch to use AAA server groups to group existing server hosts for authentication. You select a subset
of the configured server hosts and use them for a particular service. The server group is used with a global server-host list,
which lists the IP addresses of the selected server hosts.
Server groups also can include multiple host entries for the same server if each entry has a unique identifier (the combination
of the IP address and UDP port number), allowing different ports to be individually defined as RADIUS hosts providing a
specific AAA service. If you configure two different host entries on the same RADIUS server for the same service, (for
example, accounting), the second configured host entry acts as a failover backup to the first one.
You use the server group server configuration command to associate a particular server with a defined group server. You can
either identify the server by its IP address or identify multiple host instances or entries by using the optional auth-port and
acct-port keywords.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals