Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

Page 417

Advertising
background image

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

417

Configuring RADIUS and TACACS+ Servers

Chapter 14

(Optional) For

key

string, specify the authentication and encryption

key used between the access point and the RADIUS daemon running
on the RADIUS server.

To configure the access point to recognize more than one host entry
associated with a single IP address, enter this command as many times as
necessary, making sure that each UDP port number is different. The access
point software searches for hosts in the order that you specify. Set the
timeout, retransmit, and encryption key values to use with the specific
RADIUS host.

radius-server host {hostname | ip-address} [auth-

port port-number] [acct-port port-number] [timeout

seconds] [retransmit retries] [key string]

4. Define the AAA server-group with a group name.

This command puts the access point in a server group configuration mode.

aaa group server radius group-name

5. Associate a particular RADIUS server with the defined server group.

Repeat this step for each RADIUS server in the AAA server group. Each
server in the group must be previously defined in Step 2.

server ip-address

6. Return to privileged EXEC mode.

end

7. Verify your entries.

show running-config

8. (Optional) Save your entries in the configuration file.

copy running-config startup-config

9. Enable RADIUS login authentication.

See

Configuring RADIUS Login Authentication on page 414

.

To remove the specified RADIUS server, use the

no radius-

server host

hostname | ip-address global configuration command.

To remove a server group from the configuration list,

use the

no aaa group server radius

group-name global

configuration command.

To remove the IP address of a RADIUS server,

use the

no server

ip-address server group configuration command.

In this example, the access point is configured to recognize two different
RADIUS group servers (

group1 and group2). Group1 has two different host

TIP

The key is a text string that must match the encryption key used on the RADIUS
server. Always configure the key as the last item in the radius-server host
command. Leading spaces are ignored, but spaces within and at the end of the
key are used. If you use spaces in your key, don’t enclose the key in quotation
marks unless the quotation marks are part of the key.

Advertising
Popular Brands
Popular manuals