If you want to setup dot1x authentication for Switch Management access(switch CLI login purpose) then under additional CLI add the below commands:
set system authentication-order radius set system radius-server <radius-server-IP> port 1812 set system radius-server <radius-server-IP> secret "<secret-code>" set system radius-server <radius-server-IP> source-address <radius-Source-IP>
You can also refer to the below Juniper support document for further details related to RADIUS config for management access through switch CLI.
MAC RADIUS Authentication | Junos OS | Juniper Networks
RADIUS Server Configuration for Authentication | Junos OS | Juniper Networks
NOTE: Radius server settings on the Mist portal don’t apply to switch authentication its only used for the dot1x port authentication.
For configuring dot1x port authentication at switch level, Navigate to Switches > Click on the switch under which the config has to be made > Go to Radius Configuration > Add the Authentication Servers.
[Note: ‘Override Site/Template Settings’ checkbox should be selected if templates are mapped to the switch]
Also If we will be using dot1x for port authentication then at least one dot1x port profile needs to be enabled for the switch port for the radius configuration to be pushed on the Switch.
The respective configurations would be reflected under:
/api/v1/sites/site_id/devices/device_id [if configurations are made on switch level]
After the config got pushed to the switch we will see the below radius configurations on the switch.
