Manualshelf

R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
81828384858687888990
67
Related commands
key (RADIUS scheme view)
vpn-instance (RADIUS scheme view)
primary authentication (RADIUS scheme view)
Use primary authentication to specify the primary RADIUS authentication/authorization server.
Use undo primary authentication to remove the configuration.
Syntax
primary authentication { ipv4-address | ipv6 ipv6-address } [ port-number | key [ cipher | simple ] key
| probe username name [ interval interval ] | vpn-instance vpn-instance-name ] *
undo primary authentication
Default
No primary RADIUS authentication/authorization server is specified.
Views
RADIUS scheme view
Default command level
2: System level
Parameters
ipv4-address: Specifies the IPv4 address of the primary RADIUS authentication/authorization server.
ipv6 ipv6-address: Specifies the IPv6 address of the primary RADIUS authentication/authorization server,
which must be a valid global unicast address.
port-number: Specifies the service port number of the primary RADIUS authentication/authorization
server, which is a UDP port number ranging from 1 to 65535 and defaults to 1812.
key [ cipher | simple ] key: Specifies the shared key for secure communication with the primary RADIUS
authentication/authorization server. In FIPS mode, the shared key must be a string of at least 8 characters
that contain numbers, uppercase letters, lowercase letters, and special characters, and is encrypted and
decrypted by using 3DES.
cipher key: Specifies a ciphertext shared key, which is a case-sensitive ciphertext string of 1 to 117
characters.
simple key: Specifies a plaintext shared key, which is a case-sensitive string of 1 to 64 characters.
If neither cipher nor simple is specified, you set a plaintext shared key string.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the primary RADIUS
authentication/authorization server belongs. The vpn-instance-name argument is a case-sensitive string
of 1 to 31 characters. If the server is on the public network, do not specify this option.
probe: Enables the device to detect the status of the primary RADIUS authentication/authorization server.
username name: Specifies the username in the authentication request that is used to detect the status of
the primary RADIUS authentication/authorization server.
interval interval: Specifies the interval between two server status detections. The value ranges from 1 to
3600 and defaults to 60, in minutes.