Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

911

912

913

914

915

916

917

918

919

920

– auth-port port-number: the range is from 0 to 65335. Enter a UDP port number. The default is 1812.

– retransmit retries: the range is from 0 to 100. Default is 3.

– timeout seconds: the range is from 0 to 1000. Default is 5 seconds.

– key [encryption-type] key: enter 0 for plain text or 7 for encrypted text, and a string for the key. The key can be up to 42

characters long. This key must match the key congured on the RADIUS server host.

If you do not congure these optional parameters, the global default values for all RADIUS host are applied.

To specify multiple RADIUS server hosts, congure the radius-server host command multiple times. If you congure multiple

RADIUS server hosts, the system attempts to connect with them in the order in which they were congured. When the switch

authenticates a user, the software connects with the RADIUS server hosts one at a time, until a RADIUS server host responds with an

accept or reject response.

If you want to change an optional parameter setting for a specic host, use the radius-server host command. To change the global

communication settings to all RADIUS server hosts, refer to Setting Global Communication Parameters for all RADIUS Server Hosts.

To view the RADIUS conguration, use the show running-config radius command in EXEC Privilege mode.

To delete a RADIUS server host, use the no radius-server host {hostname | ip-address} command.

Setting Global Communication Parameters for all RADIUS Server Hosts

You can congure global communication parameters (auth-port, key, retransmit, and timeout parameters) and specic host

communication parameters on the same system.

However, if you congure both global and specic host parameters, the specic host parameters override the global parameters for that

RADIUS server host.

To set global communication parameters for all RADIUS server hosts, use the following commands.

• Set a time interval after which a RADIUS host server is declared dead.

CONFIGURATION mode

radius-server deadtime seconds

– seconds: the range is from 0 to 2147483647. The default is 0 seconds.

• Congure a key for all RADIUS communications between the system and RADIUS server hosts.

CONFIGURATION mode

radius-server key [encryption-type] key

– encryption-type: enter 7 to encrypt the password. Enter 0 to keep the password as plain text.

– key: enter a string. The key can be up to 42 characters long. You cannot use spaces in the key.

• Congure the number of times the system retransmits RADIUS requests.

CONFIGURATION mode

radius-server retransmit retries

– retries: the range is from 0 to 100. Default is 3 retries.

• Congure the time interval the system waits for a RADIUS server host response.

CONFIGURATION mode

radius-server timeout seconds

– seconds: the range is from 0 to 1000. Default is 5 seconds.

To view the conguration of RADIUS communication parameters, use the show running-config command in EXEC Privilege mode.

920

Security