32.
Remote Authentication Dial-In User Service (RADIUS)
MN700004 Rev 01
355
Command Syntax
device-name
(config)#
aaa authentication login default
PRIMARY SECONDARY
device-name
(config)#
no aaa authentication login default
Argument Description
PRIMARY
Primary authentication method, either radius or local.
SECONDARY
Secondary authentication method must be local.
A RADIUS Configuration Example
Figure 32-2 RADIUS Configuration Example
To demonstrate a RADIUS configuration, proceed as follows:
1. Install a RADIUS server on Server 1.
2. Configure the RADIUS server.
3. Edit RADIUS Server's Clients File and add the switch IP address with a distinctive key:
•
Add the line
10.2.200.200 123456
Edit the RADIUS Server’s Users File:
•
Add two users as follows:
johnwilliams auth-type = local, password = "h5yr9b"
reply-message = "user is in"
jamessmith auth-type = reject
reply-message = "your payment balance is outstanding - access
denied"
Configure the Switch:
•
In the switch CLI configure the RADIUS Server host and key as follows: