AT-9000 Switch Command Line User’s Guide
Section XI: Management Security 1195
Specifying a
RADIUS Global
Encryption Key
If the RADIUS servers on your network use the same encryption key, you
use the RADIUS-SERVER KEY command in the Global Configuration
mode to enter a global encryption key in the client. The format of the
command is:
radius-server key
secret
This example specifies “4tea23” as the global encryption key of the
RADIUS servers:
awplus> enable
awplus# configure terminal
awplus(config)# radius-server key 4tea23
To remove the global encryption key without specifying a new value, use
the NO form of this command:
awplus> enable
awplus# configure terminal
awplus(config)# no radius-server key
Specifying the
Server Timeout
When the switch sends an authentication request to a RADIUS server, it
waits a predefined time period for a response. This time period is referred
to as the server timeout value. If the switch does not receive a response to
an authentication request, it queries the next server in the list. If none of
the servers respond, the switch activates the local manager accounts.
To set the server timeout period, use the RADIUS-SERVER TIMEOUT
command in the Global Configuration mode. The range is 1 to 300
seconds. The default is 30 seconds.
This example sets the RADIUS timeout to 15 seconds:
awplus> enable
awplus# configure terminal
awplus(config)# radius-server timeout 15
Deleting Server
IP Addresses
To delete the IP address of a RADIUS server from the list of servers on the
switch, use the NO RADIUS-SERVER HOST command in the Global
Configuration mode. You can delete only one IP address at a time with this
command. This example removes the IP address 211.132.123.12 from the
list of RADIUS servers:
awplus> enable
awplus# configure terminal
awplus(config)# no radius-server host 211.132.123.12
To Next Page
Loading...
