Step Description Command Keys
4 Add RADIUS server to the list of used
servers and switch to its configuration
mode.
esr(config)# radius-server host
{ <IP-ADDR> | <IPV6-ADDR> } [ vrf
<VRF> ]
esr(config-radius-server)#
<IP-ADDR> – RADIUS server IP
address, defined as
AAA.BBB.CCC.DDD where each
part takes values of [0..255];
<IPV6-ADDR> – RADIUS server
IPv6 address, defined as
X:X:X:X::X where each part
takes values in hexadecimal
format [0..FFFF]
<VRF> – VRF instance name,
set by the string of up to 31
characters.
5 Specify the number of failed
authentication attempts to block the
user login and time of the lock
(optional).
aaa authentication attempts max-
fail <COUNT> <TIME>
<COUNT> – amount of failed
authentication attempts after
which a user is blocked, takes
the values of [1..65535];
<TIME> – user blocking time in
seconds, takes the values of
[1..65535].
Default value:
<COUNT> – 5; <TIME> – 300
6 Set the password for authentication on
remote RADIUS server.
esr(config-radius-server)# key
ascii-text
{ <TEXT> | encrypted
<ENCRYPTED-TEXT> }
<TEXT> – string [8..16] ASCII
characters;
<ENCRYPTED-TEXT> –
encrypted password, [8..16]
bytes size, set by the string of
[16..32] characters.
7 Prioritize the use of a remote RADIUS
server (optional).
esr(config-radius-server)# priority
<PRIORITY>
<PRIORITY> – remote server
priority, takes values in the
range of [1..65535].
The lower value, the higher the
priority of server is.
Default value: 1.
8 Set the interval after which the router
assumes that the RADIUS server is not
available (optional).
esr(config-radius-server)# timeout
<SEC>
<SEC> – time interval in
seconds, takes values of
[1..30].
Default value: global timer
value is used.
To Next Page
Loading...
Need help?
General
