Remote Authorization Dial-In User Service (RADIUS) Settings on ESW2-350G Switches

Available Languages

Download Options

  • PDF     (1.5 MB)
    View with Adobe Reader on a variety of devices
  • ePub     (1.5 MB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (475.4 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:December 11, 2018
Document ID:SMB3894

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Remote Authorization Dial-In User Service (RADIUS) Settings on ESW2-350G Switches

Objective

Remote Authorization Dial-In User Service (RADIUS) server is a server that centralizes control of a network that is made of RADIUS enabled devices. RADIUS servers are based on either 802.1X or MAC addresses. This article explains how to configure RADIUS Settings on the ESW2-350G Switches.

Applicable Devices

• ESW2-350G
• ESW2-350G-DC

Software Version

• v1.2.6.28

Steps of Procedure

Step 1. Log in to web configuration utility and choose Security > RADIUS. The RADIUS page opens:

 

Step 2. Click a radio button for the RADIUS accounting type.

• Port Based Access Control — This option has server/client interaction occur through a 802.1X port.

• Management Access — This option has the server/client interaction occur over an user account.

• Both Port Based Access Control and Management Access — This option has the server/client interaction occur over both a 802.1X port and an user account.

• None — This option does not permit accounting on the RADIUS Server.

RADIUS server supports both IP version 4 and version 6

Step 3. In the Retries field, enter a number of retries that a request can be sent before a failure notice is given.

 

Step 4. In the Timeout for Reply field, enter a time in seconds before an unanswered request is resent.

 

Step 5. In the Dead Time field, enter a time in minutes before an unresponsive RADIUS is bypassed. A value of 0 means that the RADIUS server is not bypassed.

 

Step 6. In the Key String field, enter a key string that will help encrypt messages between the server and client. The key string must match the key string of the RADIUS server.

Step 7. Click Apply.

RADIUS Table

The RADIUS table allows an user to create a new RADIUS server. This procedure shows how to create a RADIUS server.

 

Step 1. In the RADIUS Table, click Add. A new window appears.

Step 2. Choose a Server Definition.

• By IP address — This option defines the RADIUS server by the IP address.

• By name — This option defines the RADIUS server by the name.

Note: Here in the above screenshot the IP version 6 and IPv6 Address Type cannot be configured as there are no  interface configured with IPv6.

Step 3. Choose the IP Version.

• Version 6 — This option sets the IP address of the RADIUS server to IPv6.

• Version 4 — This option sets the IP address of the RADIUS server to IPv4.

Step 4. In the Server IP Address/Name field, enter the name or IP address for the RADIUS server depending on your choice in Step 2.

Step 5. In the Priority field, enter a priority level for the RADIUS server. 0 is the top priority.

Step 6. To the right of Key String, choose an option.

• Use Default — This option sets the key string of the RADIUS server to the default string.

• User Defined — This option allows an user to enter the key string in the adjacent field.

Step 7. To the right of Timeout for Reply, choose an option for the time is seconds in which the switch waits for the the RADIUS server to respond.

• Use Default — This option sets the time to the default value.

• User Defined — This option allows an user to enter the time in the adjacent field.

Step 8. In the Authentication Port field, enter a port number for authentication requests.

Step 9. In the Accounting Port field, enter a port number for accounting requests.

Step 10. To the right of Retries, choose an option for the number of requests that are sent to the RADIUS server before a failure notice occurs.

• Use Default — This option uses the default number of retries.

• User Defined — This option allows an user to enter the number of retries in the adjacent field.

Step 11. To the right of Dead Time, choose an option for the time in minutes before a RADIUS server is bypassed for being unresponsive.

• Use Default — This option uses the default time.

• User Defined — This option allows an user to enter the time in the adjacent field.

Step 12. To the right of Usage Type, choose an option for RADIUS server authentication type.

• Login — This option authenticates user for the RADIUS server.

• User Defined — This option uses 802.1X authentication.

• All — This option performs both authentications.

Step 13. Click Apply.

Related Articles

Configuration of TACACS+ Parameters on ESW2-350G Switches

Was this Document Helpful?

FeedbackFeedback

Contact Cisco