Configuration Guide User guide

FastIron Configuration Guide
53-1002494-02
RADIUS security
Enabling SNMP to configure RADIUS
To enable SNMP access to RADIUS MIB objects on the device, enter a command such as the
following.
Brocade(config)#enable snmp config-radius
Syntax: [no] enable snmp <config-radius | config-tacacs>
The <config-radius> parameter specifies the RADIUS configuration mode. RADIUS is disabled by
default.
The <config-tacacs> parameter specifies the TACACS configuration mode. TACACS is disabled by
default.
Identifying the RADIUS server to the Brocade device
To use a RADIUS server to authenticate access to a Brocade device, you must identify the server to
the Brocade device.
Example
Brocade(config)#radius-server host 209.157.22.99
Syntax: radius-server host <ip-addr> | <ipv6-addr> | <server-name> [auth-port <number>] [acct-port <number>]
The host <ip-addr> | <ipv6-addr> | <server-name> parameter is either an IP address or an ASCII
text string.
The <auth-port> parameter is the Authentication port number. The default is 1645.
The <acct-port> parameter is the Accounting port number. The default is 1646.
Specifying different servers for individual AAA functions
In a RADIUS configuration, you can designate a server to handle a specific AAA task. For example,
you can designate one RADIUS server to handle authorization and another RADIUS server to
handle accounting. You can specify individual servers for authentication and accounting, but not
for authorization. You can set the RADIUS key for each server.
TABLE 24 Brocade vendor-specific attributes for RADIUS (Continued)

Attribute name               Attribute ID  Data type  Description
foundry-802.1x-valid-lookup  7             integer    Specifies if 802.1x lookup is enabled:
                                                      0 - Disabled
                                                      1 - Enabled
foundry-MAC-based-VLAN-QOS   8             integer    Specifies the priority for MAC-based VLAN QOS:
                                                      0 - qos_priority_0
                                                      1 - qos_priority_1
                                                      2 - qos_priority_2
                                                      3 - qos_priority_3
                                                      4 - qos_priority_4
                                                      5 - qos_priority_5
                                                      6 - qos_priority_6
                                                      7 - qos_priority_7
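
An added example, not from the Brocade guide: a Python check that decodes the two Table 24 attributes from the raw attribute bytes of a RADIUS reply and flags values outside the documented ranges. The vendor ID 1991 (Foundry's enterprise number), the function names and the sample bytes are assumptions not given on this page; attribute type 26 and the 4-byte integer encoding follow RFC 2865.

```python
import struct

VENDOR_SPECIFIC = 26      # RADIUS attribute type that carries VSAs (RFC 2865)
FOUNDRY_VENDOR_ID = 1991  # assumption: Foundry enterprise number, not given on this page

# Table 24 rows: attribute ID -> (attribute name, permitted integer values)
TABLE_24 = {
    7: ("foundry-802.1x-valid-lookup", range(0, 2)),  # 0 disabled, 1 enabled
    8: ("foundry-MAC-based-VLAN-QOS", range(0, 8)),   # qos_priority_0 .. qos_priority_7
}

def encode_vsa(attr_id, value, vendor=FOUNDRY_VENDOR_ID):
    """Build one Vendor-Specific attribute holding a 4-byte integer sub-attribute."""
    sub = struct.pack("!BBI", attr_id, 6, value)
    return struct.pack("!BBI", VENDOR_SPECIFIC, 6 + len(sub), vendor) + sub

def check_subattrs(sub, found, problems):
    """Validate the vendor sub-attributes inside one Foundry VSA."""
    while sub:
        if len(sub) < 2 or not 2 <= sub[1] <= len(sub):
            problems.append("malformed sub-attribute")
            return
        s_id, val, sub = sub[0], sub[2:sub[1]], sub[sub[1]:]
        if s_id not in TABLE_24:
            continue
        name, allowed = TABLE_24[s_id]
        num = struct.unpack("!I", val)[0] if len(val) == 4 else None
        if num in allowed:
            found[name] = num
        else:
            problems.append(f"{name}: invalid value {val.hex()}")

def decode_foundry_vsas(attrs):
    """Walk RADIUS attribute bytes; return ({name: value}, [problems])."""
    found, problems, pos = {}, [], 0
    while pos < len(attrs):
        if len(attrs) - pos < 2 or not 2 <= attrs[pos + 1] <= len(attrs) - pos:
            problems.append(f"malformed attribute at offset {pos}")
            break
        a_type, a_len = attrs[pos], attrs[pos + 1]
        body = attrs[pos + 2:pos + a_len]
        pos += a_len
        if a_type == VENDOR_SPECIFIC and len(body) >= 4 \
                and struct.unpack("!I", body[:4])[0] == FOUNDRY_VENDOR_ID:
            check_subattrs(body[4:], found, problems)
    return found, problems

# Constructed sample: a User-Name attribute, lookup enabled, QoS priority 5
SAMPLE = b"\x01\x05bob" + encode_vsa(7, 1) + encode_vsa(8, 5)
```

Running `decode_foundry_vsas` over the attribute section of a captured Access-Accept shows whether the server is returning a priority or lookup flag outside the values the table documents.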