SUMMARY STEPS
1.
enable
2.
configure terminal
3.
radius-server host
{
hostname
|
ip-address
}
auth-port port-number key string
4.
end
DETAILED STEPS
Purpose
Command or Action
Enables privileged EXEC mode. Enter your password if prompted.
enable
Step 1
Example:
Switch>
enable
Enters the global configuration mode.
configure terminal
Example:
Switch#
configure terminal
Step 2
Configures the RADIUS server parameters.
radius-server host
{
hostname
|
ip-address
}
auth-port port-number key
string
Step 3
For
hostname
|
ip-address
, specify the server name or IP address of the remote
RADIUS server.
Example:
Switch(config)#
radius-server host
For
auth-port port-number
, specify the UDP destination port for authentication
requests. The default is 1645. The range is 0 to 65536.
For
key string
, specify the authentication and encryption key used between the
switch and the RADIUS daemon running on the RADIUS server. The key is a
text string that must match the encryption key used on the RADIUS server.
125.5.5.43 auth-port 1645 key
rad123
Always configure the key as the last item in the
radius-server host
command syntax because leading spaces are ignored, but spaces within
and at the end of the key are used. If you use spaces in the key, do not
enclose the key in quotation marks unless the quotation marks are part
of the key. This key must match the encryption used on the RADIUS
daemon.
Note
If you want to use multiple RADIUS servers, re-enter this command.
Returns to privileged EXEC mode.
end
Example:
Switch(config)#
end
Step 4
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
310
OL-29048-01
Configuring IEEE 802.1x Port-Based Authentication
Configuring the Switch-to-RADIUS-Server Communication