52
Enhancements in Release F.05.05 through F.05.70
Enhancements in Release F.05.05 through F.05.60
3. If you selected either eap-radius or chap-radius for step 2, use the radius host command to
configure up to three RADIUS server IP address(es) on the switch.
4. Activate authentication on the switch.
5. Test both the authorized and unauthorized access to your system to ensure that the 802.1X
authentication works properly on the ports you have configured for port-access.
Note
If you want to implement the optional port security feature on the switch, you should first ensure
that the ports you have configured as 802.1X authenticators operate as expected. Then refer to
“Option For Authenticator Ports: Configure Port-Security To Allow Only 802.1X Devices” on page 55.
After you complete steps 1 and 2, the configured ports are enabled for 802.1X authentication (without
VLAN operation), and you are ready to configure VLAN Operation.
Syntax: radius host < ip-address >
Adds a server to the RADIUS configuration.
[key < server-specific key-string >]
Optional. Specifies an encryption key for use with the
specified server. This key must match the key used on
the RADIUS server. Use this option only if the specified
server requires a different key than configured for the
global encryption key.
radius-server key < global key-string >
Specifies the global encryption key the switch uses for
sessions with servers for which the switch does not
have a server-specific key. This key is optional if all
RADIUS server addresses configured in the switch
include a server- specific encryption key.
Syntax: aaa port-access authenticator active
Activates 802.1X port-access on ports you have config-
ured as authenticators.