61
look for a server in active state from scratch: the new primary server is evaluated at first and then the
secondary servers according to the order in which they are configured.
If you remove an accounting server being used by online users, the device cannot send real-time
accounting requests and stop-accounting requests anymore for the users, and does not buffer the
stop-accounting requests.
For security purposes, all shared keys, including shared keys configured in plain text, are saved in
ciphertext.
Related commands: key, radius scheme, and state.
Examples
# Specify the secondary accounting server and UDP port number for RADIUS scheme radius1.
<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] secondary accounting 10.110.1.1 1813
# Specify two secondary accounting servers for RADIUS scheme radius2, with the server IP addresses of
10.110 .1.1 a n d 10 .110.1.2, and the UDP port number of 1813.
<Sysname> system-view
[Sysname] radius scheme radius2
[Sysname-radius-radius2] secondary accounting 10.110.1.1 1813
[Sysname-radius-radius2] secondary accounting 10.110.1.2 1813
secondary authentication (RADIUS scheme view)
Syntax
secondary authentication { ipv4-address | ipv6 ipv6-address } [ port-number | key [ cipher | simple ]
key | probe username name [ interval interval ] ] *
undo secondary authentication [ ipv4-address | ipv6 ipv6-address ]
View
RADIUS scheme view
Default level
2: System level
Parameters
ipv4-address: IPv4 address of the secondary authentication/authorization server, in dotted decimal
notation. The default is 0.0.0.0.
ipv6 ipv6-address: IPv6 address of the secondary authentication/authorization server.
port-number: UDP port number of the secondary authentication/authorization server, which ranges from
1 to 65535 and defaults to 1812.
key [ cipher | simple ] key: Specifies a case-sensitive shared key for secure communication with the
secondary RADIUS authentication/authorization server.
• cipher key: Specifies a ciphertext shared key, which is a string of 1 to 117 characters in non-FIPS
mode and a string of 8 to 117 characters in FIPS mode.
To Next Page
Loading...
