Cisco Cisco SG200-26P 26-port Gigabit PoE Smart Switch メンテナンスマニュアル
Security
RADIUS
Cisco Small Business SF200E Series Advanced Smart Switch
160
10
Adding a RADIUS Server
You can configure multiple RADIUS servers and configure priority levels that
determine the order they are contacted.
determine the order they are contacted.
!
CAUTION
All management users are created with read-write permissions. Ensure that all
RADIUS server users you configure have the same privilege levels; otherwise they
are not granted access to the switch.
RADIUS server users you configure have the same privilege levels; otherwise they
are not granted access to the switch.
To add a RADIUS Server to the RADIUS Table:
STEP 1
Click Add
STEP 2
Enter the parameters:
•
RADIUS Server—IP address or hostname of the server.
•
Priority—The lower the priority number value, higher the priority of the
server. For example, server configured with priority value 1 has higher
priority than server configured with priority value 2. If all the servers are
configured with the same or the default priority value, the switch tries the
RADIUS servers in a first-come, first served basis. The range is 1 to 65535.
The default is 8.
server. For example, server configured with priority value 1 has higher
priority than server configured with priority value 2. If all the servers are
configured with the same or the default priority value, the switch tries the
RADIUS servers in a first-come, first served basis. The range is 1 to 65535.
The default is 8.
•
Key String—A shared secret text string used for authenticating and
encrypting all RADIUS communications between the switch and the RADIUS
server. This secret must match the secret configured on the RADIUS server.
This must be an ASCII alphanumeric value between 32 to 176 characters.
encrypting all RADIUS communications between the switch and the RADIUS
server. This secret must match the secret configured on the RADIUS server.
This must be an ASCII alphanumeric value between 32 to 176 characters.
•
Authentication Port—Port number used for RADIUS authentication
requests and replies. The default port, 1812, is the well-know IANA port
number for RADIUS authentication services. The range is 1025 to 65535.
The default is1812.
requests and replies. The default port, 1812, is the well-know IANA port
number for RADIUS authentication services. The range is 1025 to 65535.
The default is1812.
•
Message Authenticator—This field is selected by default. When enabled,
the message authenticator attribute is included in RADIUS request
messages to the server. This attribute protects the RADIUS messages from
spoofing and tampering. The shared secret is used as the key. If the RADIUS
Message Authenticator attribute is present in the packet, it is verified by the
server. If verification fails, the server drops the request packet.
the message authenticator attribute is included in RADIUS request
messages to the server. This attribute protects the RADIUS messages from
spoofing and tampering. The shared secret is used as the key. If the RADIUS
Message Authenticator attribute is present in the packet, it is verified by the
server. If verification fails, the server drops the request packet.