Configuring Radius Login Authentication - Cisco Catalyst 2960-XR Security Configuration Manual
Ios release 15.0 2 ex1
Hide thumbs
Also See for Catalyst 2960-XR:
- Configuration manual (196 pages) ,
- Configuration manuals (120 pages) ,
- Reference (52 pages)
Table of Contents
Advertisement
Configuring RADIUS Login Authentication
Command or Action
1612 key rad1
Step 3
end
Example:
Switch(config)# end
Related Topics
RADIUS Server Host, on page 62
Defining AAA Server Groups, on page 68
Configuring Settings for All RADIUS Servers, on page 73
Configuring RADIUS Login Authentication
Beginning in privileged EXEC mode, follow these steps to configure RADIUS login authentication:
Before You Begin
To secure the switch for HTTP access by using AAA methods, you must configure the switch with the ip
http authentication aaa global configuration command. Configuring AAA authentication does not secure
the switch for HTTP access by using AAA methods.
For more information about the ip http authentication command, see the Cisco IOS Security Command
Reference, Release 12.4.
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
66
Purpose
timeout is set with the radius-server host command, the setting of the
radius-server timeout command is used.
• (Optional) For retransmit retries, specify the number of times a RADIUS request
is resent to a server if that server is not responding or responding slowly. The range
is 1 to 1000. If no retransmit value is set with the radius-server host command,
the setting of the radius-server retransmit global configuration command is used.
• (Optional) For key string, specify the authentication and encryption key used
between the switch and the RADIUS daemon running on the RADIUS server.
Note
The key is a text string that must match the encryption key used on the RADIUS
server. Always configure the key as the last item in the radius-server host
command. Leading spaces are ignored, but spaces within and at the end of the
key are used. If you use spaces in your key, do not enclose the key in quotation
marks unless the quotation marks are part of the key.
To configure the switch to recognize more than one host entry associated with a single
IP address, enter this command as many times as necessary, making sure that each UDP
port number is different. The switch software searches for hosts in the order in which
you specify them. Set the timeout, retransmit, and encryption key values to use with the
specific RADIUS host.
Returns to privileged EXEC mode.
Configuring RADIUS
OL-29434-01
Advertisement
Table of Contents
