8-36
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide
OL-8915-03
Chapter 8 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
Step 2
radius-server dead-criteria time time
tries tries
(Optional) Set the conditions that are used to decide when a RADIUS
server is considered unavailable or dead.
The range for time is from 1 to 120 seconds. The switch dynamically
determines the default seconds value that is 10 to 60 seconds.
The range for tries is from 1 to 100. The switch dynamically determines
the default tries parameter that is 10 to 100.
Step 3
radius-server deadtime minutes (Optional) Set the number of minutes that a RADIUS server is not sent
requests. The range is from 0 to 1440 minutes (24 hours). The default is
0 minutes.
Step 4
radius-server host ip-address
[acct-port udp-port] [auth-port
udp-port] [test username name
[idle-time time] [ignore-acct-port]
[ignore-auth-port]] [key string]
(Optional) Configure the RADIUS server parameters by using these
keywords:
• acct-port udp-port—Specify the UDP port for the RADIUS
accounting server. The range for the UDP port number is from 0 to
65536. The default is 1646.
• auth-port udp-port—Specify the UDP port for the RADIUS
authentication server. The range for the UDP port number is from 0
to 65536. The default is 1645.
Note You should configure the UDP port for the RADIUS accounting
server and the UDP port for the RADIUS authentication server to
nondefault values.
• test username name—Enable automated testing of the RADIUS
server status, and specify the username to be used.
• idle-time time—Set the interval of time in minutes after which the
switch sends test packets to the server. The range is from 1 to
35791 minutes. The default is 60 minutes (1 hour).
• ignore-acct-port—Disable testing on the RADIUS-server
accounting port.
• ignore-auth-port—Disable testing on the RADIUS-server
authentication port.
• For key string, specify the authentication and encryption key used
between the switch and the RADIUS daemon running on the
RADIUS server. The key is a text string that must match the
encryption key used on the RADIUS server.
Note Always configure the key as the last item in the radius-server
host command syntax because leading spaces are ignored, but
spaces within and at the end of the key are used. If you use spaces
in the key, do not enclose the key in quotation marks unless the
quotation marks are part of the key. This key must match the
encryption used on the RADIUS daemon.You can also configure
the authentication and encryption key by using the radius-server
key {0 string | 7 string | string} global configuration command.
Note You can also configure the authentication and encryption key by
using the radius-server key {0 string | 7 string | string} global
configuration command.
Command Purpose
To Next Page
Loading...
