6-8
RADIUS Authentication, Authorization, and Accounting
Configuring the Switch for RADIUS Authentication
Outline of the Steps for Configuring RADIUS
Authentication
There are three main steps to configuring RADIUS authentication:
1. Configure RADIUS authentication for controlling access through one or
more of the following
• Serial port
•Telnet
•SSH
• Port-Access (802.1X)
• WebAgent
2. Enable RADIUS authentication on the switch to override the default
authentication operation of automatically assigning an authenticated cli-
ent to the Operator privilege level. This optional feature applies the
privilege level specified by the Service Type value received from the
RADIUS server. (Refer to “1. Configure Authentication for the Access
Methods You Want RADIUS To Protect” on page 6-10.)
3. Configure the switch for accessing one or more RADIUS servers (one
primary server and up to two backup servers):
Note This step assumes you have already configured the RADIUS server(s) to
support the switch. Refer to the documentation provided with the
RADIUS server documentation.)
• Server IP address
[no] radius-server encrypted-key <global key-string> 6-19
radius-server timeout < 1 - 15> 6-19
radius-server retransmit < 1 - 5 > 6-19
[no] radius-server dead-time < 1 - 1440 > 6-21
show radius 6-67
[< host < ip-address>] 6-68
show authentication 6-70
show radius authentication 6-70
*The web authentication option for the WebAgent is available on the switches
covered in this guide.
RADIUS Authentication Commands Page
To Next Page
Loading...
Need help?
General