Security
7705 SAR OS System Management Guide 129
Parameters count — the retry count
Values 1 to 10
server
Syntax server server-index address ip-address secret key [hash | hash2] [auth-port auth-port]
[acct-port acct-port] [type server-type]
no server server-index
Context config>system>security>dot1x>radius-plcy
Description This command adds an 802.1x server and configures the IP address, index, and key values.
Up to five 802.1x servers can be configured at any one time. These servers are accessed in order from
lowest to highest index for authentication requests until a response from a server is received. A higher-
indexed server is only queried if no response is received from a lower-indexed server (which implies
that the server is not available). If a response from a server is received, no other 802.1x servers are
queried. It is assumed that there are multiple identical servers configured as backups and that the
servers do not have redundant data.
The no form of the command removes the server from the configuration.
Default n/a
Parameters server-index — the index for the 802.1x server
Values 1 to 5
ip-address — the IP address of the 802.1x server. Each 802.1x server must have a unique IP
address. An error message is generated if the server address is a duplicate.
Values a.b.c.d
key — the secret key to access the 802.1x server. This secret key must match the password on the
802.1x server.
Values up to 20 alphanumeric characters
hash — specifies that the key is entered in an encrypted form. If the hash parameter is not used,
the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored
in encrypted form in the configuration file with the hash parameter specified.
hash2 — specifies that the key is entered in a more complex encrypted form that involves more
variables than the key value alone. This means that the hash2 encrypted variable cannot be
copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an
unencrypted, clear text form. For security, all keys are stored in encrypted form in the
configuration file with the
hash parameter specified.
auth-port — the UDP port number used to contact the RADIUS server for authentication
Values 1 to 65535
To Next Page
Loading...
