Configure an EAP-enabled RADIUS Server
The switch uses RADIUS servers for authentication and accounting services. Use the no form to delete a RADIUS server.
Before you begin
You must enable EAP globally.
About this task
The RADIUS server uses the secret key to validate users.
RADIUS supports IPv4 and IPv6 addresses, with no difference in functionality or configuration.
Procedure
Example
Add an EAP RADIUS server:
Switch:1>enable Switch:1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch:1(config)#radius server host fe80:0:0:0:21b:4fff:fe5e:73fd key radiustest used-by eapol
Variable Definitions
The following table defines parameters to configure an EAP-enabled RADIUS server with the radius server host command.
Variable |
Value |
---|---|
host WORD<0–46> |
Specifies the IP address of the selected server. RADIUS supports IPv4 and IPv6 addresses, with no difference in functionality or configuration. |
WORD<0-20> |
Specifies the secret key, which is a string of up to 20 characters. |
The following table defines parameters to use optional arguments of the radius server host command.
Variable |
Value |
---|---|
port <1-65535> |
Specifies the port ID number. |
priority <1-10> |
Specifies the priority number. The lowest number is the highest priority. |
retry <0-6> |
Specifies the retry count of the account. |
timeout <1-180> |
Specifies the timeout of the server. The default is 30. |
enable |
Enables the functions used by the RADIUS server host. |
acct-port <1-65536> |
Specifies the port account. |
acct-enable |
Enables the account. |
secure-enable |
Enable secure mode on the server. |
secure-log-level |
Specifies the RADIUS secure server log severity level. Possible values are:
|
secure-mode |
Specifies the protocol for establishing the secure connection with the server. |
secure-profile |
Specifies the secure profile name. |