Name: Cisco Catalyst 4500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

49-113

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex

Chapter 49 Configuring 802.1X Port-Based Authentication

Controlling Switch Access with RADIUS

To delete the vendor-proprietary RADIUS host, use the no radius-server host {hostname | ip-address} non-standard global

configuration command. To disable the key, use the no radius-server key global configuration command.

This example shows how to specify a vendor-proprietary RADIUS host and to use a secret key of rad124 between the switch

and the server:

Switch(config)# radius-server host 172.20.30.15 nonstandard

Switch(config)# radius-server key rad124

Configuring CoA on the Switch

To configure CoA on a switch, perform these steps. This procedure is required.

Step 3

Switch(config)# radius-server key string

Specifies the shared secret text string used between

the switch and the vendor-proprietary RADIUS

server. The switch and the RADIUS server use this

text string to encrypt passwords and exchange

responses.

Note The key is a text string that must match the

encryption key used on the RADIUS server.

Leading spaces are ignored, but spaces within

and at the end of the key are used. If you use

spaces in your key, do not enclose the key in

quotation marks unless the quotation marks

are part of the key.

Step 4

Switch(config)# end

Returns to privileged EXEC mode.

Step 5

Switch# show running-config

Verifies your settings.

Step 6

Switch# copy running-config startup-config

(Optional) Saves your entries in the configuration

file.

Command Purpose

Step 1

Switch# configure terminal

Enters global configuration mode.

Step 2

Switch(config)# aaa new-model

Enables AAA.

Step 3

Switch(config)# aaa server radius

dynamic-author

Configures the switch as an authentication, authorization, and accounting

(AAA) server to facilitate interaction with an external policy server.

Step 4

Switch(config-locsvr-da-radius)#

client

{ip-address | name} [vrf

vrfname] [server-key string]

Enters dynamic authorization local server configuration mode and specify

a RADIUS client from which a device will accept CoA and disconnect

requests.

Step 5

Switch(config-locsvr-da-radius)#

server-ke

y [0 | 7] string

Configures the RADIUS key to be shared between a device and RADIUS

clients.

Step 6

Switch(config-locsvr-da-radius)#

port port-number

Specifies the port on which a device listens for RADIUS requests from

configured RADIUS clients.

Step 7

Switch(config-locsvr-da-radius)#

auth-type {any | all | session-key}

Specifies the type of authorization the switch uses for RADIUS clients.

The client must match all the configured attributes for authorization.

Command Purpose

Other manuals for Cisco Catalyst 4500 Series

Manual19 pages

Command Reference Guide1230 pages

System Message Guide150 pages

Configuration Guide1610 pages

Administration Guide1814 pages

Message Guide146 pages

Installation Guide194 pages

Datasheet11 pages

Overview46 pages

Quick Reference Guide59 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General

Series	Catalyst 4500 Series
Category	Switch
Layer Support	Layer 2, Layer 3
Form Factor	Modular chassis
Stackable	No
Chassis Slots	3, 6, 7, 10
Power Supply Options	AC, DC
Redundancy	Power supply, Supervisor engine
Network Management	Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features	Security, QoS
Port Density	Up to 384 ports per chassis
Security Features	802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine	8-E