Configuring The Switch For Vendor-Proprietary Radius Server Communication - Cisco Catalyst 4500 series Administration Manual
Hide thumbs
Also See for Catalyst 4500 series:
- Software configuration manual (2086 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Chapter 46
Configuring 802.1X Port-Based Authentication
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication
Although an IETF draft standard for RADIUS specifies a method for communicating vendor-proprietary
information between the switch and the RADIUS server, some vendors have extended the RADIUS
attribute set in a unique way. Cisco IOS software supports a subset of vendor-proprietary RADIUS
attributes.
As mentioned earlier, to configure RADIUS (whether vendor-proprietary or IETF draft-compliant), you
must specify the host running the RADIUS server daemon and the secret text string it shares with the
switch. You specify the RADIUS host and secret text string by using the radius-server global
configuration commands.
To specify a vendor-proprietary RADIUS server host and a shared secret text string, perform this task:
Command
Step 1
Switch# configure terminal
Step 2
Switch(config)# radius-server host {hostname |
ip-address} non-standard
Step 3
Switch(config)# radius-server key string
Step 4
Switch(config)# end
Step 5
Switch# show running-config
Step 6
Switch# copy running-config startup-config
To delete the vendor-proprietary RADIUS host, use the no radius-server host {hostname | ip-address}
non-standard global configuration command. To disable the key, use the no radius-server key global
configuration command.
This example shows how to specify a vendor-proprietary RADIUS host and to use a secret key of rad124
between the switch and the server:
Switch(config)# radius-server host 172.20.30.15 nonstandard
Switch(config)# radius-server key rad124
OL_28731-01
Purpose
Enters global configuration mode.
Specifies the IP address or hostname of the remote
RADIUS server host and identify that it is using a
vendor-proprietary implementation of RADIUS.
Specifies the shared secret text string used between
the switch and the vendor-proprietary RADIUS
server. The switch and the RADIUS server use this
text string to encrypt passwords and exchange
responses.
The key is a text string that must match the
Note
encryption key used on the RADIUS server.
Leading spaces are ignored, but spaces within
and at the end of the key are used. If you use
spaces in your key, do not enclose the key in
quotation marks unless the quotation marks
are part of the key.
Returns to privileged EXEC mode.
Verifies your settings.
(Optional) Saves your entries in the configuration
file.
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
Controlling Switch Access with RADIUS
46-115
Advertisement
Chapters
Table of Contents
Troubleshooting
