Chapter 81: RADIUS and TACACS+ Clients
1192 Section XI: Management Security
Managing the RADIUS Client
The following subsections describe how to manage the RADIUS client:
“Adding IP Addresses of RADIUS Servers” next
“Specifying a RADIUS Global Encryption Key” on page 1193
“Specifying the Server Timeout” on page 1193
“Specifying RADIUS Accounting” on page 1194
“Removing the Accounting Method List” on page 1194
“Deleting Server IP Addresses” on page 1195
“Displaying the RADIUS Client” on page 1195
Adding IP Addresses of RADIUS Servers
The RADIUS client can store up to three IP addresses of RADIUS servers
on your network. The order in which you add the IP addresses determines
their order on the switch. For instance, the first IP address that you add
becomes server one, the second IP address that you add becomes server
two, and the third IP address that you add becomes server three. Also,
when you remove an IP address from the switch, its placeholder is
retained. For example, if you make the following assignments:
server one is 186.178.11.154
server two is 186.178.11.156
server three is 186.178.11.158
If you then delete server one, with an IP address of 186.178.11.154, server
two remains 186.178.11.156 and server three remains 186.178.11.158.
As a result, the next server address that you add to the switch becomes
server one.
To add an IP address, use the RADIUS-SERVER HOST command in the
Global Configuration mode. Here is the format of the command:
radius-server host ipaddress order value [auth-port value] [key value]
You can add only one address at a time with this command.
The IPADDRESS parameter specifies the IP address of a RADIUS server
on the network.
The ORDER parameter specifies the placement of the IP address in the
client’s list of server addresses. The range is 1 to 3. This is an optional
parameter.
The AUTH-PORT parameter specifies the UDP destination port for
RADIUS authentication requests. The default UDP port is 1812.
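The slot behavior and command format described above can be checked offline with a small model. This is an added example, not code from the switch or its vendor: the class RadiusClientModel, the rule that an address added without ORDER takes the lowest free slot, the rejection of an occupied ORDER value, and the address 192.0.2.10 are assumptions made for illustration.

```python
import ipaddress
import shlex

MAX_SERVERS = 3  # the client stores up to three server addresses


class RadiusClientModel:
    """Hypothetical model of the switch's three ordered RADIUS server slots."""

    def __init__(self):
        self.slots = {n: None for n in range(1, MAX_SERVERS + 1)}

    def add(self, command):
        """Apply one 'radius-server host ...' command; return the slot used."""
        tokens = shlex.split(command)
        if tokens[:2] != ["radius-server", "host"] or len(tokens) < 3:
            raise ValueError("not a radius-server host command")
        ip = str(ipaddress.IPv4Address(tokens[2]))
        opts = dict(zip(tokens[3::2], tokens[4::2]))
        if len(tokens[3:]) % 2 or set(opts) - {"order", "auth-port", "key"}:
            raise ValueError("unexpected parameter")
        free = [n for n, v in self.slots.items() if v is None]
        # Assumption: no ORDER means lowest free slot; an occupied ORDER is rejected.
        order = int(opts.get("order", free[0] if free else 0))
        if order not in free:
            raise ValueError("no free slot, or ORDER is not a free slot in 1 to 3")
        self.slots[order] = {"ip": ip, "key_set": "key" in opts,
                             "auth_port": int(opts.get("auth-port", 1812))}
        return order

    def delete(self, ip):
        """Remove an address; the remaining servers keep their slot numbers."""
        for n, entry in self.slots.items():
            if entry and entry["ip"] == ip:
                self.slots[n] = None
                return n
        raise KeyError(ip)

    def order(self):
        return [(n, e["ip"]) for n, e in self.slots.items() if e]


if __name__ == "__main__":
    client = RadiusClientModel()
    for addr in ("186.178.11.154", "186.178.11.156", "186.178.11.158"):
        client.add(f"radius-server host {addr}")
    client.delete("186.178.11.154")
    # 192.0.2.10 is a constructed address; it takes the freed slot 1
    print(client.add("radius-server host 192.0.2.10"), client.order())
```

The model records only whether a key was supplied, not the key itself, so its output can be kept in change records without exposing the shared secret.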