I am trying to set up RADIUS authentication over a Cisco switch and I have gone through every tutorial they have.
I am able to get the RADIUS server to authenticate when I access the CLI of the Cisco switch, but I am not sure which setting to change on the switch in order for the RADIUS server to require authentication over the fastEthernet interfaces. I have tried configuring the fastEthernet interfaces for the authentication as well, to no avail. If anyone could give me a pointer on which config item to change in the switch in order to get this to work, that would be great.
I am trying to implement 802.1x network access control rather than AAA switch administration. I already have the AAA up and running(I think) because it will consult with the RADIUS server for me to authenticate me for the enable and config privileges.
I am running it over a Cisco IE 3000, and the RADIUS server is a freeRadius server on 192.168.1.17 with auth-port 1812 and acct-port 1813. Thank you so much for any and all help
Best Answer
I have recently set up RADIUS authentication on a Cisco wireless access point.
Here are the configuration commands (I had to anonymize hostname, SSID name and IP address):
On a switch, you need to apply the
authentication
settings to a Ethernet interface (something likeinterface GigabitEthernet 0
instead ofdot11 ssid wfm
) instead of the SSID.I haven't done it on a wired network switch before so the commands might differ from my AP, see the IOS guide. I hope it helps anyway.
EDIT:
If you want to configure Radius accounting on the Switch as well, add
acct-port 1813
to theradius-server host
andserver
commands.