Hello,
we are already using dot1x and want to add management access by SSH to the switches based on RADIUS authentication. As you can see in the configuration below, I want to use a different RADIUS Server for the login authentication than for dot1x.
I defined usages in the radius-server settings, but for some weird reason the switch still connect to 10.0.1.1 instead of 10.0.2.1.
What am I missing here?
aaa authentication login "networkList" local line
aaa authentication login "rad" radius local
authentication enable
dot1x system-auth-control
aaa authentication dot1x default radius
radius-server host auth 10.0.1.1
name "DOT1X_RADIUS"
usage 802.1x
key "KEYKEYKEYKEY"
exit
radius-server host auth 10.0.2.1
name "ADMIN_LOGIN_RADIUS"
usage login
key "KEYKEYKEYKEY"
exit
line console
exec-timeout 480
login authentication networkList
password PASSWORD
exit
line ssh
exec-timeout 480
login authentication rad
exit
Best regards
