EasyManuals Logo

Huawei Quidway S3900 Series Command Manual

Huawei Quidway S3900 Series
1159 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #577 background imageLoading...
Page #577 background image
Command Manual – AAA & RADIUS & HWTACACS & EAD
Quidway S3900 Series Ethernet Switches-Release 1510
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Huawei Technologies Proprietary
1-39
View
System view
Parameter
nas-ip ip-address: Specifies the IP address of the local RADIUS server. Where,
ip-address is in dotted decimal notation.
key password: Specifies the shared key of the authentication server and access
server. Where, password is a character string of up to 16 characters.
Description
Use the local-server nas-ip command to create a local RADIUS authentication
server (that is, set the related parameters of the server).
Use the undo local-server nas-ip command to delete the specified local RADIUS
authentication server.
By default, a local RADIUS authentication server is used, whose default NAS-IP and
key are 127.0.0.1 and huawei respectively. That is, the local device serves as a
RADIUS authentication server and a network access server, and all authentications
are performed locally.
Note that:
z The switch not only supports the traditional RADIUS client service to accomplish
user AAA management through foreign authentication/authorization server and
accounting server, but also provides a simple local RADIUS server function for
authentication and authorization. This function is called local RADIUS
authentication server function.
z When you use the local RADIUS authentication server function, the UDP port
number for the authentication/authorization service must be 1645, the UDP port
number for the accounting service is 1646.
z The packet encryption key set by the local-server nas-ip command with the key
password parameter must be identical with the authentication/authorization
packet encryption key set by the key authentication command in RADIUS
scheme view.
z The switch supports at most 16 IP addresses and shared keys of the network
access server (including the default local RADIUS authentication server); that is,
when the switch serves as a RADIUS authentication server, it can support at
most 16 network access servers simultaneously to provide authentication.
z As a local RADIUS authentication server, the switch does not support EAP
authentication.
Related command: radius scheme, state and local-server enable.

Table of Contents

Other manuals for Huawei Quidway S3900 Series

Preview: Operation Manual
Operation Manual955 pages
Preview: Installation Manual
Installation Manual95 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Huawei Quidway S3900 Series and is the answer not in the manual?

Huawei Quidway S3900 Series Specifications

General IconGeneral
BrandHuawei
ModelQuidway S3900 Series
CategorySwitch
LanguageEnglish

Related product manuals