Security
7450 ESS System Mangement Guide Page 87
RADIUS Configurations
• Configuring RADIUS Authentication on page 87
• Configuring RADIUS Authorization on page 88
• Configuring RADIUS Accounting on page 89
• Configuring 802.1x RADIUS Policies on page 90
Configuring RADIUS Authentication
RADIUS is disabled by default and must be explicitly enabled. The mandatory commands to
enable RADIUS on the local router are radius and server server-index address ip-
address secret key.
Also, the system IP address must be configured in order for the RADIUS client to work. See
Configuring a System Interface of the 7450 ESS Router Configuration Guide.
The other commands are optional. The server command adds a RADIUS server and configures the
RADIUS server’s IP address, index, and key values. The index determines the sequence in which
the servers are queried for authentication requests.
On the local router, use the following CLI commands to configure RADIUS authentication:
CLI Syntax: config>system>security
radius
port port
retry count
server server-index address ip-address secret key
timeout seconds
no shutdown
The following displays a RADIUS authentication configuration example:
A:ALA-1>config>system>security# info
----------------------------------------------
retry 5
timeout 5
server 1 address 10.10.10.103 secret "test1"
server 2 address 10.10.0.1 secret "test2"
server 3 address 10.10.0.2 secret "test3"
server 4 address 10.10.0.3 secret "test4"
...
----------------------------------------
A:ALA-1>config>system>security#
To Next Page
Loading...
