Setting radius parameters, Supported radius attributes – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 985
Brocade TurboIron 24X Series Configuration Guide
951
53-1003053-01
Configuring 802.1X port security
For the <method-list>, enter at least one of the following authentication methods
radius – Use the list of all RADIUS servers that support 802.1X for authentication.
none – Use no authentication. The Client is automatically authenticated without the device using
information supplied by the Client.
NOTE
If you specify both radius and none, make sure radius comes before none in the method list.
Setting RADIUS parameters
To use a RADIUS server to authenticate access to a device, you must identify the server to the
device.
Example
TurboIron(config)#radius-server host 10.157.22.99 auth-port 1812 acct-port 1813
default key mirabeau dot1x
Syntax: radius-server host <ip-addr> |
acct-port <num> | default] [key 0 | 1 <string>] [dot1x]
The host <ip-addr> | <ipv6-addr> | <server-name> parameter is either an IP address or an ASCII
text string.
The dot1x parameter indicates that this RADIUS server supports the 802.1X standard. A RADIUS
server that supports the 802.1X standard can also be used to authenticate non-802.1X
authentication requests.
NOTE
To implement 802.1X port security, at least one of the RADIUS servers identified to the device must
support the 802.1X standard.
Supported RADIUS attributes
Many IEEE 802.1X Authenticators will function as RADIUS clients. Some of the RADIUS attributes
may be received as part of IEEE 802.1X authentication. Devices support the following RADIUS
attributes for IEEE 802.1X authentication:
•
Username (1) – RFC 2865
•
NAS-IP-Address (4) – RFC 2865
•
NAS-Port (5) – RFC 2865
•
Service-Type (6) – RFC 2865
•
FilterId (11) – RFC 2865
•
Framed-MTU (12) – RFC 2865
•
State (24) – RFC 2865
•
Vendor-Specific (26) – RFC 2865
•
Session-Timeout (27) – RFC 2865
•
Termination-Action (29) – RFC 2865
•
Calling-Station-ID (31) – RFC 2865
•
NAS-Port-Type (61) š RFC 2865