AAA using Radius for CLI management and 802.1x wired authentication
Problem, we don't use 802.1x at work on our wired devices, and we use TACACS+ with a configuration that was basically handed to us. No experience for me makes it harder to retain. In my studies I figured the best way to learn something is to try to teach it to others. So this my my go at AAA using Radius for CLI management and for 802.1x wired authentication.
Long story short, think of containers. Define server container with IP, ports, and key. Define group container that server belongs to (default group of "radius" is already defined), define aaa method-list-name container ("default" is already defined). Apply method-list-name container where appropriate.
Any addendums or corrections would be much appreciated.
One thing I haven't yet figured out is how to change the 802.1x to use a method-list that isn't default. I can define it, "aaa authentication dot1x NAME group GroupDot1x" but I'm not sure how to apply that so that dot1x uses "NAME" instead of "default".
Long story short, think of containers. Define server container with IP, ports, and key. Define group container that server belongs to (default group of "radius" is already defined), define aaa method-list-name container ("default" is already defined). Apply method-list-name container where appropriate.
Any addendums or corrections would be much appreciated.
One thing I haven't yet figured out is how to change the 802.1x to use a method-list that isn't default. I can define it, "aaa authentication dot1x NAME group GroupDot1x" but I'm not sure how to apply that so that dot1x uses "NAME" instead of "default".