Chapter2authentication
Parameter
Description
port
Thisspecifiesserviceportofauthentication
server.
Tips:
Thisparametermustbesetforauthentications
ofRADIUStype,TACACStype,SecurIDtype,
LDAPtypeanddomaintype;asforother
typesofauthentications,thisparameter
doesnātneedtobeset.
<number>
Thisisonenumber,inrangeof0-65535.
shared_sceret
Thisspecifiessharedkey.
Tips:
Thisparametermustbesetforauthentications
ofRADIUStype,TACACStype,LDAPtype
anddomaintype;asforothertypesof
authentications,thisparameterdoesnātneed
tobeset.
<string3>
Thisisonestring,whichisthesharedkeyof
authenticationserver.
server_dnThissetsserverdomainname.
Tips:
Thisparametermustbesetforauthentications
ofLDAPtypeanddomaintype;asforother
tyesofauthentications,thisparameter
doesnātneedtobeset.
<string4>
Thisisonestring.Forexample,ifthedomain
nameofserveriswww.topsec.com.cn,
theinputformatofthisparameteris
"dc=topsec,dc=com,dc=cn".
Command
Illustration
1.Ifthetypeoflocalauthenticationisselected,italsoneedsto
addcorrespondingusernameinlocalauthenticationdatabase.
2.Eachservrhasdefaultauthenticationdefault.Thedefaultau-
thenticationportofRADIUSserveris1812,thatofTACACS
serveris49,thatofLDAPserveris389,thatofdomainau-
thenticationserveris389,andthatofSecurIDserveris5050.
ExampleT oaddoneRadiusauthenticationserver ,withservernametobe
RADIUS,authenticationtypetoberadius,serveraddresstobe
192.168.83.231,serverporttobe1812,sharedkeytobetopsec
andkeepalivetimeouttobe100s,executethefollowingcommand:
#serveraddnameradiusprotocolradiustimeout100
ip_address192.168.83.231port1812shared_scerettopsec
ToaddandstartoneOTPauthenticationserverwithkeepalive
timeouttobe100s,executethefollowingcommand:
#serveraddnameotpprotocollocaltimeout100
servermodify
Command
Function
Thiscommandisusedtomodifyinformationofauthentication
server .
ConfidentialandProprietaryInformationofZTECORPORATION13
To Next Page
Loading...
