Before You Begin
Obtain the preshared key values for the remote RADIUS servers.
Procedure
PurposeCommand or Action
Enters global configuration move.switch# configure terminal
Step 1
Specifies a preshared key for a specific RADIUS server.
You can specify a clear text ( 0 ) or encrypted ( 7 ) preshared
key. The default format is clear text.
switch(config)# radius-server
host {ipv4-address | ipv6-address
| host-name} key [0 | 7] key-value
Step 2
The maximum length is 63 characters.
This preshared key is used instead of the global preshared
key.
Exits configuration mode.switch(config)# exit
Step 3
(Optional)
Displays the RADIUS server configuration.
switch# show radius-server
Step 4
The preshared keys are saved in encrypted form in
the running configuration. Use the show
running-config command to display the encrypted
preshared keys.
Note
(Optional)
Saves the change persistenetly through reboots and restarts
by copying the running configuration to the startup
configuration.
switch# copy running-config
startup-contig
Step 5
This example shows how to configure RADIUS preshared keys:
switch# configure terminal
switch(config)# radius-server host 10.10.1.1 key 0 PlIjUhYg
switch(config)# exit
switch# show radius-server
switch# copy running-config startup-config
Configuring RADIUS Server Groups
You can specify one or more remote AAA servers for authentication using server groups. All members of a
group must belong to the RADIUS protocol. The servers are tried in the same order in which you configure
them.
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
35
Configuring RADIUS
Configuring RADIUS Server Groups
To Next Page
Loading...
