Radius Implementation

Answered Question
May 28th, 2009

Hi,

I need to implement Radius authentication using Active Directory. My question is do I need to specify the encryption method? or the the key spcified under radius-server key command enough to encrypt?

I am concerned about the information been sent in clear text between the switch and the radius server. the switch is conbfigured for SSH. how do I secure this?

I did some lab teSts and it is working except that I am worried about clear text passwords.

Your help in this regard will be highly appreciated.

I have this problem too.
0 votes
Correct Answer by Collin Clark about 7 years 6 months ago

Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. In addition, any user passwords are sent encrypted between the client and RADIUS server. This eliminates the possibility that someone snooping on an unsecured network could determine a user's password.

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml#rad_netsec

Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Collin Clark Thu, 05/28/2009 - 05:14

Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. In addition, any user passwords are sent encrypted between the client and RADIUS server. This eliminates the possibility that someone snooping on an unsecured network could determine a user's password.

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml#rad_netsec

Hope that helps.

Actions

This Discussion