Before you begin
You must create a wireless network SSID with Enterprise 802.1X
access security. This option requires users to authenticate by entering
a user name and password, which are checked against a RADIUS authentication
server.
About this task
If in the process of configuring RADIUS server settings, you discover you need to add
an external RADIUS server, use this task. You will need the IP address,
authentication port number, and the shared secret for the RADIUS server.
Use the following steps to configure a RADIUS server from the Configure
RADIUS Servers window:
Procedure
-
Select the plus sign to add a
new server.
-
Enter a name for the
server.
-
Enter an optional description.
-
Select the IP address or host
name for the RADIUS server.
If you do not see the IP
address that you need, select the plus sign to define a new one (IPv4 or
IPv6).
If the address object is a host name, make sure that the devices
are able to resolve it to an IP address. If you configure a domain name for
the devices, or if the devices dynamically receive a domain name through
DHCP, and the RADIUS server belongs to the same domain, the RADIUS server
name can be just the host name without the domain name. If the RADIUS server
belongs to a different domain, the address object must be the fully
qualified domain name (FQDN): the host name + the domain name.
-
For Server Type,
choose the RADIUS server role:
- Authentication: As an authentication server, the RADIUS
service requests that the client device demonstrate its identity.
- Port: Set
the RADIUS authentication port.
- Accounting: As an accounting server, the RADIUS service
tracks client-server session details.
- Port: Set
the RADIUS accounting port number.
-
Set the shared secret for authenticating communications with the RADIUS
server.
-
Select Save External
RADIUS.
What to do next
Complete the network policy configuration.
