280 CHAPTER 11: 802.1X CONFIGURATION
Perform the following configurations in System View.
Table 313 Creating/Deleting a RADIUS Server Group
By default, the system has a RADIUS scheme named as default system whose
attributes are all default values. The default attribute values will be introduced in
the following text.
Several ISP domains can use a RADIUS scheme at the same time. You can
configure up to 16 RADIUS schemes, including the default scheme named as
default system.
Configuring RADIUS
Authentication/
Authorization Servers
After creating a RADIUS scheme, you have to set IP addresses and UDP port
numbers for the RADIUS servers, including primary/secondary
authentication/authorization servers and accounting servers. You can configure up
to four groups of IP addresses and UDP port numbers. However, as a minimum,
you have to set one group of IP address and UDP port number for each pair of
primary/secondary servers to ensure the normal AAA operation.
You can use the following commands to configure the IP address and port number
for RADIUS servers.
Perform the following configurations in RADIUS Scheme View.
Table 314 Configuring RADIUS Authentication/Authorization Servers
By default, as for the newly created RADIUS scheme, the IP address of the primary
authentication server is 0.0.0.0, and the UDP port number of this server is 1812; as
for the "system" RADIUS scheme created by the system, the IP address of the
primary authentication server is 127.0.0.1, and the UDP port number is 1645.
The authorization information from the RADIUS server is sent to RADIUS clients in
authentication response packets, so you do not need to specify a separate
authorization server.
Operation Command
Create a RADIUS scheme and enter its view radius scheme
radius_scheme_name
Delete a RADIUS scheme undo radius scheme
radius_scheme_name
Operation Command
Set IP address and port number of primary
RADIUS authentication/authorization server.
primary authentication
ip_address
[
port_number
]
Restore IP address and port number of primary
RADIUS authentication/authorization server to
the default values.
undo primary authentication
Set IP address and port number of secondary
RADIUS authentication/authorization server.
secondary authentication
ip_address
[
port_number
]
Restore IP address and port number of second
RADIUS authentication/authorization server to
the default values.
undo secondary authentication
To Next Page