Chapter 7
Configuring Switch-Based Authentication
Monitoring and Troubleshooting CoA Functionality
The following Cisco IOS commands can be used to monitor and troubleshoot CoA functionality on the
switch:
•
•
•
•
•
•
Configuring RADIUS Server Load Balancing
This feature allows access and authentication requests to be evenly across all RADIUS servers in a server
group. For more information, see the "RADIUS Server Load Balancing" chapter of the "Cisco IOS
Security Configuration Guide", Release 12.2:
http://www.ciscosystems.com/en/US/docs/ios/12_2sb/feature/guide/sbrdldbl.html
Displaying the RADIUS Configuration
To display the RADIUS configuration, use the show running-config privileged EXEC command.
Controlling Switch Access with Kerberos
This section describes how to enable and configure the Kerberos security system, which authenticates
requests for network resources by using a trusted third party. To use this feature, the cryptographic (that
is, supports encryption) versions of the switch software must be installed on your switch.
You can download the cryptographic software image from
see the release notes for this release.
These sections contain this information:
•
•
•
For Kerberos configuration examples, see the "Kerberos Configuration Examples" section in the
"Security Server Protocols" chapter of the Cisco IOS Security Configuration Guide, Release 12.2, at this
URL:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_book09186a
0080087df1.html
OL-12247-04
debug radius
debug aaa coa
debug aaa pod
debug aaa subsys
debug cmdhd [detail | error | events]
show aaa attributes protocol radius
Understanding Kerberos, page 7-40
Kerberos Operation, page 7-42
Configuring Kerberos, page 7-43
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
Controlling Switch Access with Kerberos
www.dell.com/support
For more information,
7-39