AAA Configuration on Cisco Switch

Oh I saw the earlier post. My bad… :frowning:


When we configure the RADIUS server, can we just write [SW1(config)#radius-server host 192.168.1.101 key radiuspass], without specifying port numbers? Also, we write the default value of acct-port, which is 1646 (so it is possible to not mention the acct-port in the command, right?). What is the auth-port 1812?

Is it because of the RADIUS server (Elektron)? Meaning, is there a specific port number for each server? If we use another server, does a different port number need to be used?

Hello Mohanad

You can indeed issue the command without the port numbers if you choose to. By default, the auth-port port number is 1645 and by default, the acct-port port number is 1646. In this specific lesson, Rene had to specify the auth-port since it was different from the default. He didn’t need to specify the acct-port since it is the default, however, he chose to include it for completeness.

I hope this has been helpful!

Laz

Hello,
Please can you give me some help with how I can configure the switch WS-C2960L-24PS-LL?
Some commands are different from your switch demonstration.

Thanks

Hello Valerio

It could be that some of the commands have changed since the writing of the lesson. Can you share with us the version of the IOS in the device you are using and which commands you find are not working? Let us know and we’ll look into it further…

Looking forward to hearing back from you!

Laz

Hello Lazaros,
C2960L Software (C2960L-UNIVERSALK9-M), Version 15.2(6)E. When I enable aaa new-model, then in config I cannot enter the command: radius-server host ?
% Unrecognized command.

The only options that I have are:

radius-server ? 

  accounting          Accounting information configuration
  attribute           Customize selected radius attributes
  authorization       Authorization processing information
  backoff             Retry backoff pattern(Default is retransmits with constant delay)
  cache               AAA auth cache default server group
  challenge-noecho    Data echoing to screen is disabled during Access-Challenge
  configure-nas       Attempt to upload static routes and IP pools at startup
  dead-criteria       Set the criteria used to decide when a radius server is marked dead
  deadtime            Time to stop using a server that doesn't respond
  directed-request    Allow user to specify radius server to use with `@server'
  domain-stripping    Strip the domain from the username
  load-balance        Radius load-balancing options.
  optional-passwords  The first RADIUS request can be made without requesting a password
  retransmit          Specify the number of retries to active server
  retry               Specify how the next packet is sent after timeout.
  source-ports        source ports used for sending out RADIUS requests
  throttle            Throttle requests to radius server
  timeout             Time to wait for a RADIUS server to reply
  transaction         Specify per-transaction parameters
  unique-ident        Higher order bits of Acct-Session-Id
  vsa                 Vendor specific attribute configuration

Hello Valerio

Starting from IOS 15.4(2)S, the command has changed. As shown in this Cisco IOS command reference, the command is now radius server <name>.

For example:

Router(config)# aaa new-model
Router(config)# radius server <name>
Router(config-radius-server)# address ipv4 10.0.0.1 acct-port 1813 auth-port 1812
Router(config-radius-server)# key mykey

More info on this command can be found in this command line reference:

I hope this has been helpful!

Laz
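
As an added illustration (not part of the thread or the lesson), this Python script rewrites legacy radius-server host lines into the radius server <name> form from the reply above, writing out the 1645/1646 defaults so that a port mismatch with the RADIUS server is visible in the configuration. The server names RADIUS1, RADIUS2, the second sample host and the choice to emit auth-port before acct-port are assumptions of this example.

```python
import re

# Defaults the thread gives for the legacy command when ports are omitted.
DEFAULT_AUTH_PORT, DEFAULT_ACCT_PORT = 1645, 1646
LEGACY = re.compile(r"^\s*radius-server host (\d{1,3}(?:\.\d{1,3}){3})\b(.*)$")
# Constructed sample: first host line is the one asked about, second is made up.
SAMPLE = """\
aaa new-model
radius-server host 192.168.1.101 key radiuspass
radius-server host 192.168.1.102 auth-port 1812 acct-port 1646 key radiuspass
"""

def parse_legacy(line):
    """Parse one legacy 'radius-server host' line; None if it is not one."""
    m = LEGACY.match(line)
    if not m:
        return None
    # IOS takes everything after 'key' as the secret, so split it off first.
    head, _, key = m.group(2).partition(" key ")
    server = {"ip": m.group(1), "auth_port": DEFAULT_AUTH_PORT,
              "acct_port": DEFAULT_ACCT_PORT, "key": key.lstrip() or None}
    tokens = head.split()
    for opt, value in zip(tokens, tokens[1:]):
        if opt in ("auth-port", "acct-port"):
            port = int(value)
            if not 0 <= port <= 65535:
                raise ValueError(f"bad {opt} in: {line.strip()}")
            server[opt.replace("-", "_")] = port
    return server

def to_named_block(server, name):
    """Render the 'radius server <name>' form with both ports written out."""
    block = [f"radius server {name}",
             f" address ipv4 {server['ip']} auth-port {server['auth_port']}"
             f" acct-port {server['acct_port']}"]
    if server["key"]:
        block.append(f" key {server['key']}")
    return block

def migrate(config_text, prefix="RADIUS"):
    """Convert legacy lines; the names RADIUS1, RADIUS2... are hypothetical."""
    out, count = [], 0
    for line in config_text.splitlines():
        server = parse_legacy(line)
        count += server is not None
        out.extend(to_named_block(server, f"{prefix}{count}") if server else [line])
    return out

if __name__ == "__main__":
    print("\n".join(migrate(SAMPLE)))
```

Options other than the ports and key (for example timeout or retransmit) are not carried over by this example and need to be moved by hand.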

Hi community!
AAA Configuration on Cisco Switch: Section 2: Configuration

I could not find the **dot1x** CLI config under the switchport interface. I am using
Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Version 15.2

Please inform me which version of the switch has the interface CLI option for dot1x.

Hello Raghu

I’ve just logged in to CML and found that I have Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Version 15.2 same as you, and I have the dot1x option available. Did you remember to start off by issuing the aaa new-model command?

Let us know!

I hope this has been helpful!

Laz