hit counter script

Cisco Catalyst 2960 Software Configuration Manual page 243

Hide thumbs Also See for Catalyst 2960:
Table of Contents

Advertisement

Chapter 9
Configuring Switch-Based Authentication
Beginning in privileged EXEC mode, follow these steps to configure per-server RADIUS server
communication. This procedure is required.
Command
Step 1
configure terminal
Step 2
radius-server host {hostname |
ip-address} [auth-port port-number]
[acct-port port-number] [timeout
seconds] [retransmit retries] [key
string]
Step 3
end
Step 4
show running-config
Step 5
copy running-config startup-config
To remove the specified RADIUS server, use the no radius-server host hostname | ip-address global
configuration command.
This example shows how to configure one RADIUS server to be used for authentication and another to
be used for accounting:
Switch(config)# radius-server host 172.29.36.49 auth-port 1612 key rad1
Switch(config)# radius-server host 172.20.36.50 acct-port 1618 key rad2
OL-26520-01
Purpose
Enter global configuration mode.
Specify the IP address or hostname of the remote RADIUS server host.
(Optional) For auth-port port-number, specify the UDP destination
port for authentication requests.
(Optional) For acct-port port-number, specify the UDP destination
port for accounting requests.
(Optional) For timeout seconds, specify the time interval that the
switch waits for the RADIUS server to reply before resending. The
range is 1 to 1000. This setting overrides the radius-server timeout
global configuration command setting. If no timeout is set with the
radius-server host command, the setting of the radius-server
timeout command is used.
(Optional) For retransmit retries, specify the number of times a
RADIUS request is resent to a server if that server is not responding
or responding slowly. The range is 1 to 1000. If no retransmit value is
set with the radius-server host command, the setting of the
radius-server retransmit global configuration command is used.
(Optional) For key string, specify the authentication and encryption
key used between the switch and the RADIUS daemon running on the
RADIUS server.
Note
The key is a text string that must match the encryption key used
on the RADIUS server. Always configure the key as the last item
in the radius-server host command. Leading spaces are ignored,
but spaces within and at the end of the key are used. If you use
spaces in your key, do not enclose the key in quotation marks
unless the quotation marks are part of the key.
To configure the switch to recognize more than one host entry associated
with a single IP address, enter this command as many times as necessary,
making sure that each UDP port number is different. The switch software
searches for hosts in the order in which you specify them. Set the timeout,
retransmit, and encryption key values to use with the specific RADIUS
host.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
Controlling Switch Access with RADIUS
9-29

Advertisement

Table of Contents
loading

This manual is also suitable for:

Catalyst 2960-s

Table of Contents