C
ONFIGURING
THE
S
WITCH
3-38
CLI – Specify all the required parameters to enable logon authentication.
Configuring HTTPS
You can configure the switch to enable the Secure Hypertext Transfer
Protocol (HTTPS) over the Secure Socket Layer (SSL), providing secure
access (i.e., an encrypted connection) to the switch’s web interface.
Command Usage
• Both the HTTP and HTTPS service can be enabled independently on
the switch. However, you cannot configure both services to use the
same UDP port.
• If you enable HTTPS, you must indicate this in the URL that you
specify in your browser: https://device[:port_number]
• When you start HTTPS, the connection is established in this way:
- The client authenticates the server using the server’s digital
certificate.
Console(config)#authentication login radius 4-94
Console(config)#radius-server host 192.168.1.25 4-95
Console(config)#radius-server port 181 4-96
Console(config)#radius-server key green 4-97
Console(config)#radius-server retransmit 5 4-97
Console(config)#radius-server timeout 10 4-98
Console(config)#end
Console#show radius-server 4-98
Remote radius server configuration:
Server IP address: 192.168.1.25
Communication key with radius server: green
Server port number: 181
Retransmit times: 5
Request timeout: 10
Console(config)#authentication login tacacs 4-94
Console(config)#tacacs-server host 10.20.30.40 4-99
Console(config)#tacacs-server port 200 4-100
Console(config)#tacacs-server key green 4-101
Console(config)#end
Console#show tacacs-server 4-101
Remote TACACS server configuration:
Server IP address: 10.20.30.40
Communication key with TACACS server: green
Server port number: 200
Console#