Vendor-Proprietary Radius Server Communication - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
How to Configure RADIUS
Vendor-Proprietary RADIUS Server Communication
Although an IETF draft standard for RADIUS specifies a method for communicating vendor-proprietary
information between the switch and the RADIUS server, some vendors have extended the RADIUS attribute
set in a unique way. Cisco IOS software supports a subset of vendor-proprietary RADIUS attributes.
As mentioned earlier, to configure RADIUS (whether vendor-proprietary or IETF draft-compliant), you must
specify the host running the RADIUS server daemon and the secret text string it shares with the switch. You
specify the RADIUS host and secret text string by using the radius server global configuration commands.
Enhanced Test Command
The Enhanced Test Command feature allows a named user profile to be created with calling line ID (CLID)
or dialed number identification service (DNIS) attribute values. The CLID or DNIS attribute values can be
associated with the RADIUS record that is sent with the user profile so that the RADIUS server can access
CLID or DNIS attribute information for all incoming calls.
How to Configure RADIUS
Identifying the RADIUS Server Host
To apply these settings globally to all RADIUS servers communicating with the Switch, use the three unique
global configuration commands: radius-server timeout, radius-server retransmit, and radius-server key.
To apply these values on a specific RADIUS server, use the radius-server host global configuration command.
You can configure the Switch to use AAA server groups to group existing server hosts for authentication. For
more information, see Related Topics below.
You also need to configure some settings on the RADIUS server. These settings include the IP address of the
Switch and the key string to be shared by both the server and the Switch. For more information, see the
RADIUS server documentation.
Follow these steps to configure per-server RADIUS server communication.
Before You Begin
If you configure both global and per-server functions (timeout, retransmission, and key commands) on the
switch, the per-server timer, retransmission, and key value commands override global timer, retransmission,
and key value commands. For information on configuring these settings on all RADIUS servers, see Related
Topics below.
SUMMARY STEPS
1. enable
2. configure terminal
3. radius-server host {hostname | ip-address} [auth-port port-number] [acct-port port-number] [timeout
seconds] [retransmit retries] [key string]
4. end
5. show running-config
6. copy running-config startup-config
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
924
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
