188 Configuring Authentication, Authorization, and Accounting
RADIUS Authentication Example
Use the following configuration to require RADIUS authentication to login
over a telnet connection:
aaa authentication login “rad” radius
aaa authentication enable “raden” radius
radius-server host 1.2.3.4
key “secret”
exit
line telnet
login authentication rad
enable authentication raden
exit
The following describes each line in the above configuration:
•The
aaa authentication login “rad” radius
command
creates a login authentication list called “rad” that contains the method
radius. If this method returns an error, the user will fail to login.
•The
aaa authentication enable “raden” radius
command
creates an enable authentication list called “raden” that contains the
method radius. If this method fails, then the user will fail to execute the
enable command.
•The
radius-server host 1.2.3.4
command is the first step in
defining a RADIUS server at IP address 1.2.3.4. The result of this
command is to place the user in radius-server mode to allow further
configuration of the server.
•The
key “secret”
command defines the shared secret. This must be
the same as the shared secret defined on the RADIUS server.
•The
line telnet
command enters the configuration mode for the
telnet line.
•The
login authentication rad
command assigns the rad login
authentication method list to be used for users accessing the switch via
telnet.
•The
enable authentication raden
command assigns the raden
enable authentication method list to be used for users executing the
enable command when accessing the switch via telnet.
To Next Page
Loading...
