Configuring The Switch-To-Radius-Server Communication - Cisco Catalyst 2960-XR Security Configuration Manual

Configuring IEEE 802.1x Port-Based Authentication
Command or Action
Step 7
radius-server key string
Example:
Switch(config)# radius-server key abc1234
Step 8 interface interface-id
Example:
Switch(config)# interface
gigabitethernet1/0/2
Step 9 switchport mode access
Example:
Switch(config-if)# switchport mode access
Step 10 authentication port-control auto
Example:
Switch(config-if)# authentication
port-control auto
Step 11
dot1x pae authenticator
Example:
Switch(config-if)# dot1x pae authenticator
Step 12
end
Example:
Switch(config-if)# end

Configuring the Switch-to-RADIUS-Server Communication

You can globally configure the timeout, retransmission, and encryption key values for all RADIUS servers
by using the radius-server host global configuration command. If you want to configure these options on a
per-server basis, use the radius-server timeout, the radius-server retransmit, and the radius-server key
global configuration commands.
OL-29434-01
Configuring the Switch-to-RADIUS-Server Communication
Purpose
(Optional) Specifies the authentication and encryption key used
between the switch and the RADIUS daemon running on the
RADIUS server.
Specifies the port connected to the client that is to be enabled for
IEEE 802.1x authentication, and enter interface configuration
mode.
(Optional) Sets the port to access mode only if you configured the
RADIUS server in Step 6 and Step 7.
Enables 802.1x authentication on the port.
Sets the interface Port Access Entity to act only as an authenticator
and ignore messages meant for a supplicant.
Returns to privileged EXEC mode.
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
255