Configuring RADIUS Relay Server Support

To configure the RADIUS relay server feature, you enable support for the feature on the E Series router and identify the key (secret) used for the connection between the WAP and the RADIUS relay server. The following example configures a RADIUS relay authentication server. Use similar steps to configure a RADIUS relay accounting server.

Note: The E Series router supports one instance of the RADIUS relay server per virtual router. The instance can provide authentication, authorization, and accounting support.

1. Enable RADIUS relay server support on the E Series router, and enter RADIUS Relay Configuration mode.
   host1(config)#radius relay authentication serverhost1(config-radius-relay)#
2. Specify the IP address and mask of the network that will use the relay authentication server, and the secret used during exchanges between the relay authentication server and clients (the WAPs).
   host1(config-radius-relay)#key 192.168.25.9 255.255.255.255 mysecret
3. Specify the router’s User Datagram Protocol (UDP) port on which the RADIUS relay server listens.
   host1(config-radius-relay)#udp-port 1812
4. (Optional) Verify the configuration.
   host1(config-radius-relay)#exit host1(config)#exit host1#show radius relay servers

   RADIUS Relay Authentication Server Configuration
   ------------------------------------------------
    IP Address         IP Mask        Secret
   -------------   ---------------   ---------
   10.10.15.0      255.255.255.0     secret
   10.10.8.15      255.255.255.255   newsecret
   192.168.25.9    255.255.255.255   mysecret
   192.168.102.5   255.255.255.255   999Y2K
   Udp Port: 1812

   RADIUS Relay Accounting Server Configuration
   --------------------------------------------
    IP Address         IP Mask       Secret
   -------------   ---------------   -------
   10.10.1.0       255.255.255.0     NO8pxq
   192.168.102.5   255.255.255.255   12BE$56
   Udp Port: 1813