EasyManua.ls Logo

Cisco Catalyst 4500 Series - Configuring AAA Authentication

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
52-9
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 52 Configuring Web-Based Authentication
Configuring Web-Based Authentication
Configuring AAA Authentication
To enable web-based authentication, perform this task:
This example shows how to enable AAA:
Switch(config)# aaa new-model
Switch(config)# aaa authentication login default group tacacs+
Switch(config)# aaa authorization auth-proxy default group tacacs+
Configuring Switch-to-RADIUS-Server Communication
RADIUS security servers are identified by one of the following:
Host name
Host IP address
Host name and specific UDP port numbers
IP address and specific UDP port numbers
The combination of the IP address and UDP port number creates a unique identifier, which enables
RADIUS requests to be sent to multiple UDP ports on a server at the same IP address. If two different
host entries on the same RADIUS server are configured for the same service (for example,
authentication) the second host entry that is configured functions as the failover backup to the first one.
The RADIUS host entries are chosen in the order that they were configured.
To configure the RADIUS server parameters, perform this task:
Command Purpose
Step 1
Switch(config)# aaa new-model
Enables AAA functionality.
Switch(config)# no aaa new-model
Disables AAA functionality.
Step 2
Switch(config)# aaa authentication login default
group {tacacs+ | radius}
Defines the list of authentication methods at login.
Step 3
Switch(config)# aaa authorization auth-proxy
default group {tacacs+ | radius}
Creates an authorization method list for web-based
authorization.
Switch(config)# no aaa authorization auth-proxy
default group {tacacs+ | radius}
Clears the configured method list.
Step 4
Switch(config)# tacacs-server host {hostname |
ip_address}
Specifies an AAA server. For RADIUS servers, see the
section “Configuring Switch-to-RADIUS-Server
Communication” section on page 52-9.
Step 5
Switch(config)# tacacs-server key {key-data}
Configures the authorization and encryption key used
between the switch and the TACACS server.
Command Purpose
Step 1
Switch(config)# ip radius source-interface
interface_name
Specifies that the RADIUS packets have the IP address of
the indicated interface.
Switch(config)# no ip radius source-interface
Prevents the RADIUS packets from having the IP address
of the previously indicated interface.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals