Name: Cisco Catalyst 4500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

52-9

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex

Chapter 52 Configuring Web-Based Authentication

Configuring Web-Based Authentication

Configuring AAA Authentication

To enable web-based authentication, perform this task:

This example shows how to enable AAA:

Switch(config)# aaa new-model

Switch(config)# aaa authentication login default group tacacs+

Switch(config)# aaa authorization auth-proxy default group tacacs+

Configuring Switch-to-RADIUS-Server Communication

RADIUS security servers are identified by one of the following:

• Host name

• Host IP address

• Host name and specific UDP port numbers

• IP address and specific UDP port numbers

The combination of the IP address and UDP port number creates a unique identifier, which enables

RADIUS requests to be sent to multiple UDP ports on a server at the same IP address. If two different

host entries on the same RADIUS server are configured for the same service (for example,

authentication) the second host entry that is configured functions as the failover backup to the first one.

The RADIUS host entries are chosen in the order that they were configured.

To configure the RADIUS server parameters, perform this task:

Command Purpose

Step 1

Switch(config)# aaa new-model

Enables AAA functionality.

Switch(config)# no aaa new-model

Disables AAA functionality.

Step 2

Switch(config)# aaa authentication login default

group {tacacs+ | radius}

Defines the list of authentication methods at login.

Step 3

Switch(config)# aaa authorization auth-proxy

default group {tacacs+ | radius}

Creates an authorization method list for web-based

authorization.

Switch(config)# no aaa authorization auth-proxy

default group {tacacs+ | radius}

Clears the configured method list.

Step 4

Switch(config)# tacacs-server host {hostname |

ip_address}

Specifies an AAA server. For RADIUS servers, see the

section “Configuring Switch-to-RADIUS-Server

Communication” section on page 52-9.

Step 5

Switch(config)# tacacs-server key {key-data}

Configures the authorization and encryption key used

between the switch and the TACACS server.

Command Purpose

Step 1

Switch(config)# ip radius source-interface

interface_name

Specifies that the RADIUS packets have the IP address of

the indicated interface.

Switch(config)# no ip radius source-interface

Prevents the RADIUS packets from having the IP address

of the previously indicated interface.

Other manuals for Cisco Catalyst 4500 Series

Manual19 pages

Command Reference Guide1230 pages

System Message Guide150 pages

Configuration Guide1610 pages

Administration Guide1814 pages

Message Guide146 pages

Installation Guide194 pages

Datasheet11 pages

Overview46 pages

Quick Reference Guide59 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General

Series	Catalyst 4500 Series
Category	Switch
Layer Support	Layer 2, Layer 3
Form Factor	Modular chassis
Stackable	No
Chassis Slots	3, 6, 7, 10
Power Supply Options	AC, DC
Redundancy	Power supply, Supervisor engine
Network Management	Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features	Security, QoS
Port Density	Up to 384 ports per chassis
Security Features	802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine	8-E