Users Guide
Security Commands 993
User Guidelines
This command configures the RADIUS authentication protocol used for
MAB devices connected to the interface.
CHAP and PAP are not supported for TACACS authentication.
The switch sends the following information to the RADIUS server for CHAP
Access-Requests:
1–User-Name—MAC address of MAB device.
3–CHAP-Password = Encrypted User Name.
4–NAS-IP-Address—IP address of the switch.
5–NAS-Port—Our internal port number.
6–Service-Type is set to 10 (Call-Check).
12–Framed-MTU—Port/switch MTU—header length (for example, 1500).
30–Called Station ID—MAC address of device (in xx:xx:xx:xx:xx:xx format).
31–Calling-Station ID—Switch MAC address.
60–CHAP-Challenge (if auth type is CHAP).
61–NAS-Port-Type (Ethernet 15).
87–NAS-Port-Id (e.g., Gigabitethernet 1/0/15)
The switch sends the following information to the RADIUS server for CHAP
Access-Requests:
1–User-Name—MAC address of MAB device.
2-User-Password—MAC Address of the MAB device (encrypted).
4–NAS-IP-Address—IP address of the switch.
5–NAS-Port—Our internal port number.
6–Service—Type is set to 10 (Call-Check).
12–Framed-MTU—Port/switch MTU—header length (for example, 1500).
30–Called Station ID—MAC address of device (in xx:xx:xx:xx:xx:xx format).
31–Calling-Station ID—Switch MAC address.
61–NAS-Port-Type (Ethernet 15).
87–NAS-Port-Id (e.g., Gigabitethernet 1/0/15)