Remote Authentication Dial-In User Service (RADIUS) Settings on Sx500 Series Stackable Switches

Available Languages

Download Options

PDF (1.3 MB)
View with Adobe Reader on a variety of devices
ePub (1.4 MB)
View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle) (446.0 KB)
View on Kindle device or Kindle app on multiple devices

Updated:December 13, 2018

Document ID:SMB2844

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Remote Authentication Dial-In User Service (RADIUS) Settings on Sx500 Series Stackable Switches

Objective

Remote Authentication Dial-In User Service (RADIUS) is a client or server protocol. The RADIUS client is usually a Network Access Server (NAS) and the Radius server is a process that runs on UNIX or Windows NT machine. The Radius server responds to client's issues related to server availability, re-transmission, and timeouts. Radius server also handles user's connection requests, authenticates the user, and sends the necessary configuration information to client to deliver services to the user.

RADIUS server is a server that centralizes control of a network that is made of RADIUS enabled devices. RADIUS servers are based on either 802.1X or MAC addresses. This article explains how to configure RADIUS Settings on the Sx500 Series Stackable Switches.

Applicable Devices

• Sx500 Series Stackable Switches

Software Version

• v1.2.7.76

RADIUS Settings

Step 1. Log in to the web configuration utility and choose Security > RADIUS. The Radius page opens:

Step 2. Click the desired radio button for the RADIUS Accounting type in the RADIUS Accounting field.

• Port Based Access Control — This option has server/client interaction occur through a 802.1X port.

• Management Access — This option has the server/client interaction occur over an user account.

• Both Port Based Access Control and Management Access — This option has the server/client interaction occur over both a 802.1X port and a user account.

• None — This option does not permit accounting on the RADIUS Server.

Step 3. In the Retries field, enter a number of retries that a request can be sent before a failure notice is given.

Step 4. In the Timeout for Reply field, enter a time (in seconds) before an unanswered request is resent.

Step 5. In the Dead Time field, enter a time (in minutes) before an unresponsive RADIUS server is bypassed. The authentication request then goes to the next configured RADIUS server. A value of 0 means that the RADIUS server is not bypassed.

Step 6. In the Key String field, enter a password that will help encrypt messages between the server and client. The key string must match the key string of the RADIUS server.

Step 7. Click Apply.

RADIUS Table

The RADIUS table allows an user to create a new RADIUS server. This procedure shows how to create a RADIUS server.

Step 1. In the RADIUS Table, click Add. A new window appears.

Step 2. In the Server Definition field, click the following radio buttons.

• By IP address — This option defines the RADIUS server by the IP address.

• By name — This option defines the RADIUS server by the name.

Step 3. In the IP Version field, click the following radio buttons.

• Version 6 — This option sets the IP address of the RADIUS server to IPv6.

• Version 4 — This option sets the IP address of the RADIUS server to IPv4.

Step 4. In the Server IP Address/Name field, enter the name or IP address for the RADIUS server depending on your choice in Step 2.

Step 5. In the Priority field, enter a priority level for the RADIUS server. 0 is the top priority. This priority determines if the Radius server is primary or backup. Radius server with the lowest priority is considered the highest.

Step 6. To the right of Key String, choose an option.

• Use Default — Sets the key string of the RADIUS server to the default string.

• User Defined — Allows a user to enter the key string in the adjacent field.

Step 7. To the right of Timeout for Reply, choose an option for the time (in seconds) in which the switch waits for the RADIUS server to respond.

• Use Default — Sets the time to the default value.

• User Defined — Allows an user to enter the time in the adjacent field.

Step 8. In the Authentication Port field, enter a port number for authentication requests.

Step 9. In the Accounting Port field, enter a port number for accounting requests.

Step 10. To the right of Retries, choose an option for the number of requests that are sent to the RADIUS server before a failure notice occurs.

• Use Default — Uses the default number of retries.

• User Defined — Allows an user to enter the number of retries in the adjacent field.

Step 11. In the Dead Time field, choose an option for the time in minutes before a RADIUS server is bypassed for being unresponsive.

• Use Default — Uses the default time.

• User Defined — Allows an user to enter the time in the adjacent field.

Step 12. In the Usage Type field, choose an option for RADIUS server authentication type.

• Login — Authenticates the user for the RADIUS server.

• User Defined — Uses 802.1X authentication.

• All — Performs both authentications.

Step 13. Click Apply.

Revision History

Revision	Publish Date	Comments
1.0	13-Dec-2018	Initial Release

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)