Configuring Security
Configuring RADIUS Parameters
STEP 4
Configuring RADIUS Parameters
Cisco Small Business 300 Series Managed Switch Administration Guide
•
Server IP Address—Enter the TACACS+ server IP address.
•
Priority—Enter the order that this TACACS+ server is used. Zero is the
highest priority TACACS+ server and is the first server used. If it cannot
establish a session with the high priority server, the switch will try the next
highest priority server.
•
Key String—Enter the authentication and encryption key for the TACACS+
server. The key must match the encryption key configured on the TACACS+
server. Select Use Default to use the key string defined under the TACACS+
Default Parameters.
•
Timeout for Reply—Enter the amount of time that passes before the
connection between the switch and the TACACS+ server times out. Select
Use Default to use the default value displayed on the page.
•
Authentication IP Port—Enter the port number through which the
TACACS+ session occurs. The default is port 49.
•
Single Connection—Select to enable a single open connection between
the switch and the TACACS+ server.
Click Apply. The TACACS+ server is added, and the switch is updated.
Remote Authorization Dial-In User Service (RADIUS) servers provide a centralized
802. 1 X or MAC-based network access control. The switch is a RADIUS client that
relies on a RADIUS server to provide centralized security, authorizing and
authenticating users attempting to access and administer the switch.
For the RADIUS server to grant access to the web-based switch configuration
utility, the RADIUS server must return cisco-avpair = shell:priv-lvl=15.
Use this page to enable the configuration of the RADIUS server parameters the
switch uses to communicate with the servers.
16
197