Configure the secure mode for RADSec as either Transport Layer Security (TLS) protocol or
Datagram Transport Layer Security (DTLS) protocol.
Before you begin
To avoid TLS handshake issues if the switch and RADsec proxy server run different
versions of OpenSSL, manually force TLS version 2 negotiation through the RADsec
proxy by adding the following text to the
radsecproxy.conf
configuration file:
tls default{
...
TlsVersion TLS1_2
}
Procedure
-
Enter Global Configuration mode:
enable
configure
terminal
-
Configure the secure mode:
radius server host
WORD<0-46> used-by {cli | eapol | endpoint-tracking | snmp | web}
secure-mode {tls | dtls}