RADIUS over TLS

The RADIUS protocol is a widely deployed client-server protocol that enables centralized Authentication, Accounting, and Authorization (AAA) over networks.

Transport Layer Security (TLS) is a cryptographic protocol that provides communication security between client and server applications that communicate with each other over the network.

The goals of TLS, in order of priority, are as follows:

By default, RADIUS over TCP uses port 2083.

Support for RADIUS over TLS replaces support for RADIUS over UDP. Consider the following as you use RADIUS over TLS:
Table 1. Related commands

| Command | Function |
| --- | --- |
| radius-server host | Configures a RADIUS server to connect to for external server authentication. The radsec option specifies that RADIUS over TLS is to be used. |
| aaa authentication login | Configures the Authentication, Accounting, and Authorization (AAA) login sequence. The radius option specifies that RADIUS over TLS is to be used. |
| cipherset radius | Displays a confirmation message that the RADIUS cipher list was configured successfully, and displays the cipher list. |
| show cipherset | Displays the configured RADIUS cipher list. |