Friday, October 24, 2014

Configure Network Equipment to use Radius for authentication

Following my recent article on 'How to configure install and configure Freeradius', you will find below several examples of 'How to configure network equipment to use Radius for authentication'.

Cisco Catalyst

aaa new-model
ip radius source-interface vlan XXX
radius-server host <IP_address_radius_server> auth-port <port-number> acct-port <port-number>
radius-server key SharedKey
!
aaa authentication login default group radius local
aaa authorization exec default group radius if-authenticated => directly upgrade privilege to 'enable'
!
line vty 0 15
 login authentication default


Switch HP Procurve

radius-server host <IP_address_radius_server> key " SharedKey " acct-port <port-number> auth-port <port-number>
aaa authentication ssh login radius local
aaa authentication ssh enable radius local
aaa authentication login privilege-mode

Switch Nexus

ip radius source-interface mgmt 0
 radius-server host <IP_address_radius_server> auth-port <port-number> acct-port<port-number>
 radius-server key SharedKey
!
aaa group server radius FREE-RADIUS
 server <IP_address_radius_server>
 use-vrf management
 source-interface mgmt 0
!
aaa authentication login default group FREE-RADIUS

Posted by at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)