# Exstreme Gen1 RADIUS Authentication The example configuration below shows how to configure RADIUS for both Management and Port authentication. The server, client-ip and secrets will be unique to your environment. This example also configures and enables RADIUS accounting. > configure radius mgmt-access primary server 10.21.0.10 1812 client-ip 172.16.5.20 vr VR-Default > configure radius mgmt-access primary shared-secret encrypted "#$sLBECeI3y+vi56D+JsXsSaWmuvynCERCHNm1lyy21cwRTssjdoE=" > configure radius mgmt-access secondary server 10.21.0.12 1812 client-ip 172.16.5.20 vr VR-Default > configure radius mgmt-access secondary shared-secret encrypted "#$aV4JSbB7qYJIrkN+xyFpkm8C3VhEMCvmeXg+CHuFmWCPuo9/BjA=" > configure radius netlogin primary server 10.21.0.10 1812 client-ip 172.16.5.20 vr VR-Default > configure radius netlogin primary shared-secret encrypted "#$E1KQvrolmf3rZESnOuZCzgHvxuOncnJsRCrlsGkg9URvSuQAOQ8=" > configure radius netlogin secondary server 10.21.0.12 1812 client-ip 172.16.5.20 vr VR-Default > configure radius netlogin secondary shared-secret encrypted "#$25naJ++VqZmHWFE3p940NH+BMkvA4BL2GYj1HB1WaY1AFrIt4rQ=" > configure radius-accounting netlogin primary server 10.21.0.10 1813 client-ip 172.16.5.20 vr VR-Default > configure radius-accounting netlogin primary shared-secret encrypted "#$5f6QnmG9LhNB1pb1WQB3T+F8LIIhnl5n83AzKewrEGHPtlQkLTI=" > configure radius-accounting netlogin secondary server 10.21.0.12 1813 client-ip 172.16.5.20 vr VR-Default > configure radius-accounting netlogin secondary shared-secret encrypted "#$2vpSd5mMYX46JQvXCLYqFjRnfH4AVawx57QYAm+QufLMbiRc/Do=" > enable radius > enable radius mgmt-access > enable radius netlogin > enable radius-accounting netlogin The example configuration below will enable both dot1x user and MAC authentication on a port by port basis. Note that you must create a dedicated netlogin pre-authentication vlan, in this case it's called net-login. > create vlan "net-login" > configure vlan net-login tag 2000 > configure netlogin vlan net-login > enable netlogin dot1x mac > configure netlogin mac authentication database-order radius > enable netlogin ports 1:12-46 dot1x > enable netlogin ports 1:12-46 mac > configure netlogin ports 1:12 mode mac-based-vlans > configure netlogin ports 1:12 restart > configure netlogin add mac-list ff:ff:ff:ff:ff:ff 48