Configure RADSec Secure Mode

About this task

Configure the secure mode for RADSec as either Transport Layer Security (TLS) protocol or Datagram Transport Layer Security (DTLS) protocol.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Configure the secure mode:

    radius server host WORD<0-46> used-by {cli | eapol | endpoint-tracking | snmp | web} secure-mode {tls | dtls}

Variable Definitions

The following table defines parameters for the radius server host command.

Variable Value
WORD<0-46>

Specifies the IPv4 address or the IPv6 address.

used-by

Specifies how the server functions. Configures the server for one of the following:

  • cli authentication

  • eapol authentication

  • endpoint-tracking authentication

  • snmp accounting

  • web authentication

secure-mode

Specifies the RADSec security mode. Possible values are:

  • tls - Transport Layer Security (TLS) encryption over Transmission Control Protocol (TCP)

  • dtls - Datagram Transport Layer Security (DTLS) encryption over User Datagram Protocol (UDP)

The default is tls.