Mac OS X Server's Radius + Cisco MDS 9000

Mac OS X Server has a RADIUS service. The Cisco MDS 9000 is becoming a pretty common Fibre Channel switch to use in Xsan environments, which often have an Open Directory server running. If you enable the RADIUS service you can then have the MDS 9000 authenticate administrative and monitoring users over RADIUS so that you continue to centralize your authentication services. To get started, first put the MDS into config mode using the config command with a t option:

config t

Next, specify the preshared key for the selected RADIUS server, using the key option of the radius-server command. This should be the same as the preshared key you use in your Mac OS X Server's RADIUS configuration. Here, the host is 192.168.210.1 and the key is KrYpTeD (although in your case it would be the same as the one you used to configure AirPort if using WPA2 Enterprise, for example).

switch(config)# radius-server host 192.168.210.1 key KrYpTeD

The default authentication port for RADIUS is 1812, although you can use the following command from a client to determine the port:

echo "Message-Authenticator = 0x00" | radclient 192.168.210.1 status KrYpTeD
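What the radclient status check above exercises, as an added Python sketch (not code from the original post): a Status-Server request carries a Message-Authenticator, an HMAC-MD5 keyed with the shared secret, and the reply's authenticator is keyed the same way, so a mistyped key fails in both directions. The function names are hypothetical, and the reply is constructed locally rather than read from a server.

```python
import hashlib
import hmac
import os
import struct

STATUS_SERVER, ACCESS_ACCEPT = 12, 2   # RADIUS packet codes (RFC 5997, RFC 2865)
MSG_AUTH = 80                          # Message-Authenticator attribute type

def build_status_server(secret: bytes, ident: int, req_auth: bytes) -> bytes:
    """Status-Server packet with a single, valid Message-Authenticator."""
    head = struct.pack("!BBH", STATUS_SERVER, ident, 38) + req_auth
    attr = struct.pack("!BB", MSG_AUTH, 18)
    # HMAC-MD5 over the whole packet with the 16-byte value zeroed.
    mac = hmac.new(secret, head + attr + bytes(16), hashlib.md5).digest()
    return head + attr + mac

def request_is_valid(secret: bytes, pkt: bytes) -> bool:
    """Server side: recompute the HMAC; fails when the secrets differ."""
    if len(pkt) != 38 or pkt[20] != MSG_AUTH or pkt[21] != 18:
        return False
    want = hmac.new(secret, pkt[:22] + bytes(16), hashlib.md5).digest()
    return hmac.compare_digest(pkt[22:], want)

def build_reply(secret: bytes, ident: int, req_auth: bytes) -> bytes:
    """Constructed stand-in for the server's Access-Accept (no attributes)."""
    head = struct.pack("!BBH", ACCESS_ACCEPT, ident, 20)
    return head + hashlib.md5(head + req_auth + secret).digest()

def reply_is_authentic(secret: bytes, reply: bytes, ident: int, req_auth: bytes) -> bool:
    """Client side: Response Authenticator = MD5(code+id+len+req_auth+attrs+secret)."""
    if len(reply) < 20 or reply[1] != ident:
        return False
    if struct.unpack("!H", reply[2:4])[0] != len(reply):
        return False
    want = hashlib.md5(reply[:4] + req_auth + reply[20:] + secret).digest()
    return hmac.compare_digest(reply[4:20], want)

def demo() -> tuple:
    secret, req_auth = b"KrYpTeD", os.urandom(16)   # key from the post, random nonce
    req = build_status_server(secret, 1, req_auth)
    reply = build_reply(secret, 1, req_auth)
    return (request_is_valid(secret, req), request_is_valid(b"typo", req),
            reply_is_authentic(secret, reply, 1, req_auth),
            reply_is_authentic(b"typo", reply, 1, req_auth))

if __name__ == "__main__":
    print(demo())
```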

Next, configure the UDP port for RADIUS authentication. Use radius-server, specify host again followed by the IP of the host, then auth-port and the port number:

switch(config)# radius-server host 192.168.210.1 auth-port 1812

Next, provide the UDP port for RADIUS accounting (if none is defined it will try to use 1813). The default accounting port is 1813, so we'll use that here:

switch(config)# radius-server host 192.168.210.1 acct-port 1813

Next, configure the accounting server itself. This is similar to the above: specify host followed by the IP and then the role:

switch(config)# radius-server host 192.168.210.1 accounting

Next, test. You may need to enter more keys, depending on your device's configuration, which can be obtained through the serveradmin command and/or eap.conf/radiusd.conf or the radiusconfig command on the Mac OS X Server. The setup for the Aironet is fairly similar (although a bit more graphical). I'll try to cover that at a later date when I have the time to grab some screenshots.