05-28-2009 04:07 AM
Hi,
I need to implement Radius authentication using Active Directory. My question is do I need to specify the encryption method? or the the key spcified under radius-server key command enough to encrypt?
I am concerned about the information been sent in clear text between the switch and the radius server. the switch is conbfigured for SSH. how do I secure this?
I did some lab teSts and it is working except that I am worried about clear text passwords.
Your help in this regard will be highly appreciated.
Solved! Go to Solution.
05-28-2009 05:14 AM
Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. In addition, any user passwords are sent encrypted between the client and RADIUS server. This eliminates the possibility that someone snooping on an unsecured network could determine a user's password.
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml#rad_netsec
Hope that helps.
05-28-2009 05:14 AM
Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. In addition, any user passwords are sent encrypted between the client and RADIUS server. This eliminates the possibility that someone snooping on an unsecured network could determine a user's password.
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml#rad_netsec
Hope that helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide