Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Served-Based Authentication for Cat6000 Switches


I have setup CSACS to authenticate router & switches, and wireless client authentication.

In CSACS v2.6, there is a option to restrict user to certain NAS IP address. Using this feature, on Cisco router, I am able to setup RADIUS authentication that restrict only administrator account to do a VTY telnet. However, it does not seem to work for Cat6000 series switches. Any account such as user wireless account will enter the switch exec command once the username and password is correct. Is there any additional config to run ? Pls advise.

The other issue is does Cat2900/3500XL series support RADIUS authentication? I cant find any documentation although under aaa new-model radius is one of the option.


Re: Served-Based Authentication for Cat6000 Switches

Often times complex troubleshooting issues are best addressed in an interactive trouble-shooting session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit and to open a case with one of our TAC engineers, visit

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

CreatePlease to create content