Configuring Multiple Domain Authentication And Multiple Authorization - Cisco Catalyst 4500 Series Software Configuration Manual
Cisco ios xe release 3.9.xe and cisco ios release 15.2(5)ex
Hide thumbs
Also See for Catalyst 4500 Series:
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Configuring 802.1X Port-Based Authentication
Command
Step 5
Switch(config)# ip radius
source-interface m/p
Step 6
Switch(config)# end
Step 7
Switch# show running-config
Step 8
Switch# copy running-config
startup-config
This example shows how to specify the server with IP address 172.120.39.46 as the RADIUS server. The first command
specifies port 1612 as the authorization port, sets the encryption key to rad123.
The second command dictates that key matches are performed on the RADIUS server:
Switch# configure terminal
Switch(config)# radius-server host 172.l20.39.46 auth-port 1612 key rad123
Switch(config)# ip radius source-interface g3/2
Switch(config)# end
Switch#
You can globally configure the timeout, retransmission, and encryption key values for all RADIUS servers by using the
radius-server host global configuration command. If you want to configure these options on a per-server basis, use the
radius-server timeout, radius-server retransmit, and the radius-server key global configuration commands.
You also need to create a AAA client setting on the RADIUS server. These settings include the IP address of the switch and
the key string to be shared by both the server and the switch.
Configuring Multiple Domain Authentication and Multiple Authorization
Multiple Authorization requires Cisco IOS Release 12.2(50)SG and later releases.
Note
To configure Multiple Domain Authentication (MDA) and Multiple Authorization, perform this task.
Command
Step 1
Switch# configure terminal
Step 2
Switch(config)# radius-server vsa
send authentication
Step 3
Switch(config)# interface
interface-id
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
49-34
Chapter 49
Purpose
Establishes the IP address to be used as the source address for all
outgoing RADIUS packets.
Returns to privileged EXEC mode.
Verifies your entries.
(Optional) Saves your entries in the configuration file.
Purpose
Enters global configuration mode.
Configures the network access server to recognize and use
vendor-specific attributes (VSAs).
Specifies the port to which multiple hosts are indirectly attached, and
enters interface configuration mode.
Configuring 802.1X Port-Based Authentication
Advertisement
Chapters
Table of Contents
Troubleshooting
