Cisco switches have poor functionality in web interface, that’s why we use command shell to give settings: Once the TOTPRadius appliance has been configured, the following steps outline how to configure Catalyst 3750 series switch ► If you decide to allow self-enrollment, make sure "Allow ldap enrollment" parameter is enabled. In the same section, you can also allow re-enrollment and modify the intro text of the LDAP web enrollment page. ► Specify the LDAP server IP/FQDN (192.168.99.10) and the format of the or DOMAIN\%username% format, where "DOMAIN" or "domain.local" need to be replaced with the domain name or removed if needed ) ► In the Endpoint IP and subnet fields specify the parameters of your Cisco Catalyst 3750 Switch (192.168.99.77) ► Set 'Allow initial login' value to zero
Once the TOTPRadius appliance has been installed and initialized, configure the following settings on the General settings page:
Token2 TOTPRadius v0.2.6 with built-in free 5 users license( ip: 192.168.99.11).Active Directory deployed on Windows Server 2016 ( ip: 192.168.99.10).The guide is based on the following components: This guide may be suitable for other Cisco Catalyst switch models as well. As a third-party solution we use TOTPRadius. This guide will document how to configure 2-factor authentication on a Cisco Catalyst 3750 Switch, using Microsoft Active Directory as the first factor and TOTPRadius Server as the second. TOTPRadius : MFA for SSH access to Cisco switchesĬisco switches do not natively support two-factor authentication, a third-party solution is required for this configuration.
0 kommentar(er)
