Reference Guide

Security | 795
Apply the method list to terminal lines

To enable RADIUS AAA login authentication for a method list, you must apply it to a terminal line. To
configure a terminal line for RADIUS authentication and authorization, enter the following commands:

Command Syntax: line {aux 0 | console 0 | vty number [end-number]}
Command Mode: CONFIGURATION
Purpose: Enter the LINE mode.

Command Syntax: login authentication {method-list-name | default}
Command Mode: LINE
Purpose: Enable AAA login authentication for the specified RADIUS method list. This procedure is
mandatory if you are not using default lists.

Command Syntax: authorization exec methodlist
Command Mode: CONFIGURATION
Purpose: To use the methodlist.

Specify a RADIUS server host

When configuring a RADIUS server host, you can set different communication parameters, such as the
UDP port, the key password, the number of retries, and the timeout.
To specify a RADIUS server host and configure its communication parameters, use the following
command in the CONFIGURATION mode:

Command Syntax: radius-server host {hostname | ip-address} [auth-port port-number]
[retransmit retries] [timeout seconds] [key [encryption-type] key]
Command Mode: CONFIGURATION
Purpose: Enter the host name or IP address of the RADIUS server host. Configure the optional
communication parameters for the specific host:
  - auth-port port-number range: 0 to 65335. Enter a UDP port number. The default is 1812.
  - retransmit retries range: 0 to 100. Default is 3.
  - timeout seconds range: 0 to 1000. Default is 5 seconds.
  - key [encryption-type] key: Enter 0 for plain text or 7 for encrypted text, and a string for
    the key. The key can be up to 42 characters long. This key must match the key configured on
    the RADIUS server host.
If these optional parameters are not configured, the global default values for all RADIUS hosts
are applied.

To specify multiple RADIUS server hosts, configure the radius-server host command multiple times. If
multiple RADIUS server hosts are configured, FTOS attempts to connect with them in the order in which
they were configured. When FTOS attempts to authenticate a user, the software connects with the
RADIUS server hosts one at a time, until a RADIUS server host responds with an accept or reject
response.
If you want to change an optional parameter setting for a specific host, use the radius-server host
command. To change the global communication settings to all RADIUS server hosts, refer to Set global
communication parameters for all RADIUS server hosts on page 796.
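
The following Python check is an added example, not part of the FTOS guide. It reads radius-server host lines from a saved configuration, fills in the per-host defaults given above, and reports out-of-range values, keys entered as plain text (type 0), and hosts that fall back to the global key. It assumes the options appear as in the syntax line, with key last; the addresses, host name and keys in the sample are constructed.

```python
DEFAULTS = {"auth-port": 1812, "retransmit": 3, "timeout": 5}  # per-host defaults from the table
RANGES = {"retransmit": (0, 100), "timeout": (0, 1000)}        # ranges from the table
MAX_KEY_LEN = 42                                               # key length limit from the table

def parse_host(line):
    """Return (settings, findings) for one 'radius-server host' line."""
    tok = line.split()
    if len(tok) < 3 or tok[:2] != ["radius-server", "host"]:
        raise ValueError(f"not a radius-server host line: {line!r}")
    cfg = dict(DEFAULTS, host=tok[2], key_type=None, key=None)
    findings, i = [], 3
    while i < len(tok):
        opt, args = tok[i], tok[i + 1:]
        if opt in DEFAULTS and args:
            cfg[opt] = int(args[0])
            lo, hi = RANGES.get(opt, (None, None))
            if lo is not None and not lo <= cfg[opt] <= hi:
                findings.append(f"{opt} {cfg[opt]} outside {lo} to {hi}")
            i += 2
        elif opt == "key" and (len(args) == 1 or (len(args) == 2 and args[0] in ("0", "7"))):
            # Assumed here: 'key' is the last option, as '[encryption-type] key'.
            cfg["key_type"] = args[0] if len(args) == 2 else None
            cfg["key"] = args[-1]
            i = len(tok)
        else:
            raise ValueError(f"unexpected token {opt!r} in: {line!r}")
    if cfg["key"] is None:
        findings.append("no per-host key: global value applies")
    elif cfg["key_type"] == "0":
        findings.append("key entered as plain text (type 0)")
    if cfg["key"] and cfg["key_type"] != "7" and len(cfg["key"]) > MAX_KEY_LEN:
        findings.append(f"key longer than {MAX_KEY_LEN} characters")
    return cfg, findings

def audit(config_text):
    """Parse every host line; list order is the order in which FTOS tries the servers."""
    return [parse_host(l.strip()) for l in config_text.splitlines()
            if l.strip().startswith("radius-server host")]

# Constructed sample configuration (documentation addresses, made-up keys).
SAMPLE = """\
radius-server host 192.0.2.10 auth-port 1645 timeout 2 key 7 0a1b2c3d4e5f
radius-server host 192.0.2.11 retransmit 200 key 0 labsecret
radius-server host radius3.example.net
"""

if __name__ == "__main__":
    for order, (cfg, findings) in enumerate(audit(SAMPLE), 1):
        print(order, cfg["host"], cfg["auth-port"], cfg["retransmit"], cfg["timeout"], findings or "ok")
```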