Command Manual - Security
Quidway S6500 Series Ethernet Switches Chapter 2 AAA Configuration Commands
Huawei Technologies Proprietary
2-29
Caution:
z When using local RADIUS server function of Huawei, remember the number of UDP
port used for authentication is 1645 and that for accounting is 1646.
z The key configured by this command must be the same as that of the RADIUS
authentication/authorization packet configured by the command key
authentication in RADIUS scheme view.
Quidway series switches support up to 16 local RADIUS authentication servers.
For the related commands, see radius scheme, state and key.
Example
# Set the NAS-IP address of local RADIUS authentication server to 10.110.1.2 and the
key to huawei.
[Quidway] local-server nas-ip 10.110.1.2 key huawei
2.2.10 nas-ip
Syntax
nas-ip ip-address
undo nas-ip
View
RADIUS scheme view
Parameter
ip-address: IP address in dotted decimal format.
Description
Using the nas-ip command, you can set the source IP address of the network access
server (NAS, the switch in this manual), so that all packets destined for the RADIUS
server carry the same source IP address. Using the undo nas-ip command, you can
cancel the configuration.
Specifying a source address for the RADIUS packets to be transmitted can avoid the
situation where the packets sent back by the RADIUS server cannot be received as the
result of a physical interface failure. The address of a loopback interface is usually used
as the source address.
By default, the source IP address of packets is the IP address of the output port.
For the related command, see display radius, radius nas-ip.