Setting radius parameters – Brocade BigIron RX Series Configuration Guide User Manual

Page 1131

Advertising
background image

BigIron RX Series Configuration Guide

1053

53-1002484-04

Configuring 802.1x port security

34

NOTE

Multi-Device Port Authentication and 802.1x authentication can both be enabled on a port; however
only one of them can authenticate a MAC address/802.1x client.

Configuring an authentication method list for 802.1x

To use 802.1x port security, you must specify an authentication method to be used to authenticate
Clients. Brocade supports RADIUS authentication with 802.1x port security. To use RADIUS
authentication with 802.1x port security, you create an authentication method list for 802.1x and
specify RADIUS as an authentication method, then configure communication between the BigIron
RX and RADIUS server.

For example.

BigIron RX(config)# aaa authentication dot1x default radius

Syntax: [no] aaa authentication dot1x default <method-list>

For the <method-list>, enter at least one of the following authentication methods.

radius – Use the list of all RADIUS servers that support 802.1x for authentication.

none – Use no authentication. The Client is automatically authenticated without the device using
information supplied by the Client.

NOTE

If you specify both radius and none, make sure radius comes before none in the method list.

Setting RADIUS parameters

To use a RADIUS server to authenticate access to a BigIron RX, you must identify the server to the
BigIron RX. For example.

BigIron RX(config)# radius-server host 209.157.22.99 auth-port 1812 acct-port

1813 default key mirabeau dot1x

Syntax: radius-server host <ip-addr> | <server-name> [auth-port <number> acct-port <number>

[authentication-only | accounting-only | default [key 0 | 1 <string> [dot1x]]] ]

The host <ip-addr> | <server-name> parameter is either an IP address or an ASCII text string.

The auth-port <number> parameter specifies what port to use for RADIUS authentication.

The acct-port <number> parameter specifies what port to use for RADIUS accounting.

The dot1x parameter indicates that this RADIUS server supports the 802.1x standard. A RADIUS
server that supports the 802.1x standard can also be used to authenticate non-802.1x
authentication requests.

NOTE

To implement 802.1x port security, at least one of the RADIUS servers identified to the BigIron RX
must support the 802.1x standard.

Advertising
See also other documents in the category Brocade Computer Accessories: