5-14
Configuring Port-Based Access Control (802.1x)
Configuring Switch Ports as 802.1x Authenticators
For example, to enable the switch to perform 802.1x authentication using one
or more EAP-capable RADIUS servers:
Figure 5-3. Example of 802.1x (Port-Access) Authentication
4. Enter the RADIUS Host IP Address(es)
If you selected either eap-radius or chap-radius for the authentication method,
configure the switch to use 1 to 3 RADIUS servers for authentication. The
following syntax shows the basic commands. For coverage of all commands
related to RADIUS server configuration, refer to “RADIUS Authentication and
Accounting” on page 3-1.
802.1x (Port-Access)
configured for EAP-
RADIUS authentication.
Configuration command
for EAP-RADIUS
authentication.
Syntax: radius host < ip-address >
Adds a server to the RADIUS configuration.
[ key < server-specific key-string > ]
Optional. Specifies an encryption key for use
during authentication (or accounting) sessions
with the specified server. This key must match
the key used on the RADIUS server. Use this
option only if the specified server requires a
different key than configured for the global
encryption key.
radius-server key < global key-string >
Specifies the global encryption key the switch uses for
sessions with servers for which the switch does not have
a server-specic key. This key is optional if all RADIUS
server addresses configured in the switch include a
server- specific encryption key.
!FishSecurity.book Page 14 Thursday, October 10, 2002 9:19 PM
To Next Page
Loading...
Need help?
General
