Chapter 27
Configuring Switch Access Using AAA
tacacs
radius
local
Console> (enable)
Specifying the RADIUS Key
The RADIUS key is used to encrypt and authenticate all communication between the RADIUS client
and server. You must configure the same key on the client and the RADIUS server.
The length of the key is limited to 65 characters. It can include any printable ASCII characters except
tabs.
To specify the RADIUS key, perform this task in privileged mode:
Task
Step 1
Configure the RADIUS key used to encrypt
packets sent to the RADIUS server.
Step 2
Verify the RADIUS configuration.
This example shows how to specify the RADIUS key and verify the configuration (in normal mode, the
RADIUS key value is hidden):
Console> (enable) set radius key Secret_RADIUS_key
Radius key set to Secret_RADIUS_key
Console> (enable) show radius
Login Authentication:
---------------------
tacacs
radius
local
Enable Authentication: Console Session
---------------------- ----------------- ----------------
tacacs
radius
local
Radius Deadtime:
Radius Key:
Radius Retransmit:
Radius Timeout:
Radius-Server
----------------------------- -------
172.20.52.3
Console> (enable)
78-12647-02
disabled
enabled(primary)
enabled
Console Session
----------------
disabled
enabled(primary)
enabled
disabled
enabled(primary)
enabled
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
disabled
enabled(primary)
enabled
Command
set radius key key
show radius
Telnet Session
----------------
disabled
enabled(primary)
enabled
Telnet Session
disabled
enabled(primary)
enabled
0 minutes
Secret_RADIUS_key
2
5 seconds
Status
Auth-port
------------
primary
1812
Configuring Authentication
27-25