EditDiscussionPage history

Configuring RADIUS Login Authentication in network devices

Revision as of 15:07, 21 February 2023 by Shin (talk | contribs)

Configuring RADIUS Login Authentication is a little bit different according to the image version of your devices. The below is examples and you must verify how to configure from the manual of your devices.

Cisco Catalyst IOS 12.x Switches [1] [2]
Switch(config)# aaa new-model
Switch(config)# radius-server host <imRAD IPv4 address> auth-port 1812 acct-port 1813 key <shared secret>
Switch(config)# aaa authentication login default radius local
Switch(config)# aaa authorization network default radius
Switch(config)# aaa authorization exec default radius
Switch(config)# aaa authorization console // to grant a privilege for the serial port.
Switch(config)# aaa accounting network default start-stop radius
Switch(config)# aaa accounting exec default start-stop radius
Cisco Catalyst IOS 15 Switches [3]

File:2960x_chapter_0110.pdf 

Switch(config)# aaa new-model
Switch(config)# radius server RADIUS
Switch(config-radius-server)# address ipv4 <imRAD IPv4 address>  auth-port 1812 acct-port 1813
Switch(config-radius-server)# key <shared secret>
Switch(config)# aaa authentication login default radius local
Switch(config)# aaa authorization network radius
Switch(config)# aaa authorization exec radius
Switch(config)# aaa authorization console // to grant a privilege for the serial port.
Switch(config)# aaa accounting network start-stop radius
Switch(config)# aaa accounting exec start-stop radius
Switch(config)# radius-server attribute 31 send nas-port-detail
Extreme EXOS[4]
# configure radius mgmt-access primary server <imRAD IP address> client-ip <CLIENT_IP> vr VR-Default
# configure radius mgmt-access primary shared-secret <shared-secret>
# enable radius mgmt-access
# enable radius-accounting mgmt-access
  1. https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3se/consolidated_guide/b_consolidated_3850_3se_cg_chapter_0110100.html#task_1091464
  2. https://wiki.freeradius.org/vendor/cisco#enable-mode_per-user-privilege-level
  3. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/security/configuration_guide/b_sec_152ex_2960-x_cg/b_sec_152ex_2960-x_cg_chapter_0110.html
  4. https://extremeportal.force.com/ExtrArticleDetail?an=000074221