radius-server
OVERVIEW
Switch SecurityCategory:
configPrimary context:
show radius (page 583)Related Commands
Usage: [no] radius-server host <IP-ADDR>
[auth-port <UDP-PORT>]
[acct-port <UDP-PORT>]
[dyn-authorization]
[time-window <0-65535>]
[key <KEY-STR>]
[no] radius-server key <KEY-STR>
radius-server timeout <1-15>
radius-server retransmit <1-5>
radius-server dyn-autz-port <UDP-PORT>
[no] radius-server dead-time <1-1440>
Description: Congure RADIUS parameters.
The rst command adds/removes a RADIUS server to/from the
list of the RADIUS servers that will be used for the
authentication, accounting and authorization. Up to 3 RADIUS
servers can be congured.
The second command sets/removes the global encryption key to use
in communication with RADIUS servers.
The third command sets the interval in seconds the switch
waits for a reply from a RADIUS server.
The fourth command species the number of times the switch
retransmits requests to a RADIUS server.
The fth command species the UDP port to listen for
Change-of-Authorization and Disconnect messages.
The last command sets the length of time in minutes a RADIUS
server that failed to respond to an authentication request is
bypassed by additional requests. See 'dead-time', below. Use
the 'no' form of command to set the dead-time to 0.
Parameters:
o host IP-ADDR [auth-port <UDP-PORT>] [acct-port <UDP-PORT>]
[dyn-authorization] [time-window <0-65535>]
[key <KEY-STR>] - species
the IP address of the RADIUS server to use. Optional parameter
'auth-port <UDP-PORT>' species the UDP destination port to use
when sending authentication requests to the server (default is
1812). Optional parameter 'acct-port <UDP-PORT>' species the
UDP destination port to use when sending accounting requests to
the server (default is 1813). Optional 'dyn-authorization'
parameter enables/disables the processing of Disconnect and
Change-of-Authorization messages from the host. Optional
parameter 'time-window <0-65535>' species the time frame
(in seconds) within which received Change-of-Authorization and
Disconnect request messages will be considered current and
accepted for processing, '0' value means 'innity' (default is
300 seconds). Optional parameter 'key <KEY-STR>' species an
456© 2009 Hewlett-Packard Development Company, L.P.
