R3303-HP HSR6800 Routers Security Command Reference
82
Examples
# Configure the RADIUS server type of RADIUS scheme radius1 as standard.
<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] server-type standard
state primary
Use state primary to set the status of a primary RADIUS server.
Syntax
state primary { accounting | authentication } { active | block }
Default
The primary RADIUS server specified for a RADIUS scheme is in active state.
Views
RADIUS scheme view
Default command level
2: System level
Parameters
accounting: Sets the status of the primary RADIUS accounting server.
authentication: Sets the status of the primary RADIUS authentication/authorization server.
active: Specifies the active state, the normal operation state.
block: Specifies the blocked state, the out-of-service state.
Usage guidelines
During an authentication or accounting process, the device first tries to communicate with the primary
server if the primary server is in active state. If the primary server is unavailable, the device changes the
status of the primary server to blocked, starts a quiet timer for the server, and then tries to communicate
with a secondary server in active state (a secondary RADIUS server configured earlier has a higher
priority). When the quiet timer of the primary server times out, the status of the server changes to active
automatically. If you set the status of the server to blocked before the quiet timer times out, the status of
the server cannot change back to active automatically unless you set the status to active manually.
When the primary server and secondary servers are both in blocked state, the device communicates with
the primary server.
Examples
# Set the status of the primary server in RADIUS scheme radius1 to blocked.
<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] state primary authentication block
Related commands
• display radius scheme
• state secondary