Configure Radius Communications

switch(config)#

radius-server host [host name | IP address]

■ Specify the IP address of the RADIUS server switch(config)# radius-server key [string]

■ Specify the authentication and encryption key switch(config)#

radius-server vsa send [accounting | authentication]

■ (Optional) Enable the switch to recognize and use VSAs

© 2007 Cisco Systems, Inc. All rights reserved SNRS v2.0—2-23

Configure RADIUS communications using the following commands:

■ radius-server host [host name | IP address] auth-port [port] acct-port [port]

This command specifies the IP address of the RADIUS server. Additionally, the authentication and accounting port numbers can be changed from the default values of 1645 and 1646.

■ radius-server key [string]

This command specifies the authentication and encryption key used between the switch and the RADIUS daemon running on the RADIUS server.

■ radius-server vsa send [accounting | authentication]

This command enables the switch to recognize and use vendor-specific attributes (VSAs) as defined by RADIUS IETF attribute 26.

— Use the accounting keyword to limit the set of recognized VSAs to only accounting attributes.

— Use the authentication keyword to limit the set of recognized VSAs to only authentication attributes.

Note If you enter this command without keywords, both accounting and authentication VSAs are used.

© 2007 Cisco Systems, Inc. Trust and Identity 2-107

0 0

Post a comment