Online Help for Cisco IOS Release 12.2(15)JA
     
Home
Express Setup
Express Security
Network Map
Association
Network Interfaces
Security
Services
System Software
Event Log

 

  

Home: Configuring/Enabling Authentication using RADIUS Server

You must first configure the SSID. Complete the following steps to configure the SSID.

  1. From the navigation menu, click Security to go to the Security Summary page.
  2. From the expanded Security menu, click SSID Manager to go the SSID Manager page.


  3. At the VLAN drop-down menu, select the VLAN to be used for this SSID. Select <NONE> if VLANs are not enabled.
  4. Under Authentication Methods Accepted, select the authentication type to use on this SSID.
  5. Check the Add check box under the authentication method you chose. Use the drop-down menu to choose EAP authentication.
  6. Click Apply to create the SSID.

Now that the SSID is configured, you can add the RADIUS server. Complete the following steps to add the RADIUS server.

  1. From the navigation menu, click Security to go the Security Summary page.
  2. From the expanded Security menu, click Server Manager to go to the Server Manager screen.
  3. In the Current Server List, select the server to be used for EAP authentication. If you need to create a new server, continue to Step 4. Otherwise, skip to Step 10.
  4. Select <NEW> from the Current Server List.
  5. Enter the server host name or IP address in the Server text field.
  6. In the Shared Secret text field, enter the shared secret used by your specified server that matches the one on the bridge.
  7. Enter the port number your server uses for authentication in the Authentication Port parameter. The port setting for the Cisco RADIUS server (the Access Control Server [ACS]) is 1645, and the port setting for many RADIUS servers is 1812.
  8. Check the EAP Authentication check box in the Use Server for section.
  9. Click the first Apply button to add the server.
  10. Steps 11 through 16 are optional tasks and can be skipped to expedite setup. Click the Global Properties tab. Specify the interval at which the accounting updates should be performed in the Accounting Updates Interval field.
  11. In the TACACS+ Server Timeout field, specify the number of seconds an access point waits for a reply to a TACACS+ request before resending the request.
  12. In the RADIUS Server Timeout field, specify the number of seconds an access point waits for a reply to a RADIUS request before resending the request.
  13. In the RADIUS Server Retransmit Retries field, specify the number of times the access point sends each RADIUS request to the server before giving up.
  14. If more than one RADIUS server is configured for EAP authentication, enable the Dead Server List option. Specify how long unresponsive RADIUS servers should be skipped over when the access point is attempting RADIUS server authentication. Enter this amount in the Server remains on list for text field.
  15. Click Apply in the Global Server Properties section.

 
   
Copyright (c) 2004 by Cisco Systems, Inc.