Security
7705 SAR OS System Management Guide Page 63
RADIUS Configurations
• Configuring RADIUS Authentication
• Configuring RADIUS Authorization
• Configuring RADIUS Accounting
Configuring RADIUS Authentication
RADIUS is disabled by default and must be explicitly enabled. The mandatory commands to
enable RADIUS on the local router are
radius and server server-index address
ip-address
secret key. The server command adds a RADIUS server and
configures the RADIUS server’s IP address, index, and key values. The index determines
the sequence in which the servers are queried for authentication requests.
Also, the system IP address must be configured in order for the RADIUS client to work. See
“Configuring a System Interface” in the 7705 SAR OS Router Configuration Guide.
The other commands are optional.
On the local router, use the following CLI commands to configure RADIUS authentication:
CLI Syntax: config>system>security
radius
port port
retry count
server server-index address ip-address secret key
[hash1 | hash2]
timeout seconds
no shutdown
The following example displays the CLI syntax usage:
Example: config>system>security>
security# radius
security# no shutdown
security>radius# server 1 address 10.10.10.103 secret
test11
security>radius# server 2 address 10.10.0.1 secret test2
security>radius# server 3 address 10.10.0.2 secret test3
security>radius# server 4 address 10.10.0.3 secret test4
security>radius# retry 5
security>radius# timeout 5
config>system>security>radius# exit
To Next Page
Loading...
