Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Radius Implementation

Hi,

I need to implement Radius authentication using Active Directory. My question is do I need to specify the encryption method? or the the key spcified under radius-server key command enough to encrypt?

I am concerned about the information been sent in clear text between the switch and the radius server. the switch is conbfigured for SSH. how do I secure this?

I did some lab teSts and it is working except that I am worried about clear text passwords.

Your help in this regard will be highly appreciated.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Radius Implementation

Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. In addition, any user passwords are sent encrypted between the client and RADIUS server. This eliminates the possibility that someone snooping on an unsecured network could determine a user's password.

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml#rad_netsec

Hope that helps.

1 REPLY

Re: Radius Implementation

Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. In addition, any user passwords are sent encrypted between the client and RADIUS server. This eliminates the possibility that someone snooping on an unsecured network could determine a user's password.

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml#rad_netsec

Hope that helps.

96
Views
0
Helpful
1
Replies