Configuration Guide Configuring RADIUS
Related Commands
 Configuring the Remote RADIUS Security Server
radius-server host [ oob ] { ipv4-address | ipv6-address} [auth-portport-number]
[acct-portport-number][ test usernamename [ idle-timetime ] [ ignore-auth-port ] [ ignore-acct-port ] ]
[ key [ 0 | 7 ] text-string ]
oob: Indicates oob authentication, that is, the source interface for transmitting packets to the RADIUS server
is an mgmt port.
ipv4-address: Indicates the IPv4 address of the RADIUS security server.
Ipv6-address: Indicates the IPv6 address of the RADIUS security server.
auth-portport-number: Indicates the UDP port for RADIUS identity authentication. The value ranges from 0
to 65,535. If it is set to 0, the host does not conduct identity authentication.
acct-port port-number: Indicates the UDP port for RADIUS accounting. The value ranges from 0 to 65,535.
If it is set to 0, the host does not conduct accounting.
test username name: Enables the function of actively detecting the RADIUS security server and specifies
the user name used for active detection.
idle-timetime: Indicates the interval for the device to transmit test packets to a reachable RADIUS security
server. The default value is 60 minutes. The value ranges from 1 minute to 1,440 minutes (24 hours).
ignore-auth-port: Disables the function of detecting the authentication port of the RADIUS security server.
It is enabled by default.
ignore-acct-port: Disables the function of detecting the accounting port of the RADIUS security server. It is
enabled by default.
key[ 0 | 7 ] text-string : Configures the shared key of the server. The global shared key is used if it is not
configured.
Global configuration mode
A RADIUS security server must be defined to implement the AAA security service by using RADIUS. You
can run the radius-server host command to define one or more RADIUS security servers. If a RADIUS
security server is not added to a RADIUS server group, the device uses the global routing table when
transmitting RADIUS packets to the RADIUS server. Otherwise, the device uses the VRF routing table of the
RADIUS server group.
 Configuring the Shared Key for Communication Between the Device and the RADIUS Server
radius-server key [0 | 7]text-string
text-string: Indicates the text of the shared key.
0 | 7: Indicates the encryption type of the key. The value 0 indicates no encryption and 7indicates simple
encryption. The default value is 0.
Global configuration mode
A shared key is the basis for correct communication between the device and the RADIUS security server.
To Next Page
Loading...
Need help?
General
