PurposeCommand or Action
(Optional) Specifies the authentication and encryption key used
between the switch and the RADIUS daemon running on the
RADIUS server.
radius-server key string
Example:
Switch(config)# radius-server key abc1234
Step 7
Specifies the port connected to the client that is to be enabled for
IEEE 802.1x authentication, and enter interface configuration
mode.
interface interface-id
Example:
Switch(config)# interface
Step 8
gigabitethernet1/0/2
(Optional) Sets the port to access mode only if you configured the
RADIUS server in Step 6 and Step 7.
switchport mode access
Example:
Switch(config-if)# switchport mode access
Step 9
Enables 802.1x authentication on the port.authentication port-control auto
Example:
Switch(config-if)# authentication
Step 10
port-control auto
Sets the interface Port Access Entity to act only as an authenticator
and ignore messages meant for a supplicant.
dot1x pae authenticator
Example:
Switch(config-if)# dot1x pae authenticator
Step 11
Returns to privileged EXEC mode.end
Example:
Switch(config-if)# end
Step 12
Configuring the Switch-to-RADIUS-Server Communication
You can globally configure the timeout, retransmission, and encryption key values for all RADIUS servers
by using the radius-server host global configuration command. If you want to configure these options on a
per-server basis, use the radius-server timeout, the radius-server retransmit, and the radius-server key
global configuration commands.
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
OL-29434-01 255
Configuring IEEE 802.1x Port-Based Authentication
Configuring the Switch-to-RADIUS-Server Communication
To Next Page
Loading...
Need help?
General