Configuring the primary password authentication method for port-access, MAC-based, and web-based access

Syntax:


aaa authentication <port-access <local|eap-radius|chap-radius>|<mac-based|web-based|<chap-radius|peap-mschapv2> [none|authorized|server-group|<group-name>]>>

Configures the primary authentication method for port-access, MAC-based, or web-based access.


mac-based|web-based <chap-radius|peap-mschapv2>

Password authentication for web-based or MAC-based port access to the switch. Use peap-mschapv2 for password verification without requiring access to a plain text password; it is more secure.

Default: chap-radius


port-access <local|eap-radius|chap-radius>

Configures local, chap-radius (MD5), or eap-radius as the primary password authentication method for port-access.

Default primary authentication: local.


[none|authorized|server-group <group-name>]

none: No backup authentication method is used.

authorized: Allow access without authentication

server-group <group-name>: Specifies the server group to use with RADIUS.

Syntax:


aaa accounting <exec|network|system|commands| <start-stop|stop-only> radius [server-group <group-name>]

Configures accounting type and how data will be sent to the RADIUS server.

radius

Uses RADIUS protocol as accounting method.

server-group <group-name>

Specifies the server group to use with RADIUS.