Manualshelf

User guide

ManualsBrandsExtreme Networks ManualsComputer equipmentSummit Summit4
161162163164165166167168169170
Authenticating Users Using RADIUS or TACACS+
ExtremeWare 7.2e Installation and User Guide 167
configure radius [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>}
client-ip [<ipaddress>]
To configure the timeout if a server fails to respond, use the following command:
configure radius timeout <seconds>
Configuring the Shared Secret Password
In addition to specifying the RADIUS server IP information, RADIUS also contains a means to verify
communication between network devices and the server. The shared secret is a password configured on
the network device and RADIUS server, used by each to verify communication.
To configure the shared secret for RADIUS servers, use the following command:
configure radius [primary | secondary] shared-secret {encrypted} [<string>]
Enabling and Disabling RADIUS
After server information is entered, you can start and stop RADIUS authentication as many times as
necessary without needing to reconfigure server information.
To enable RADIUS authentication, use the following command:
enable radius
To disable RADIUS authentication, use the following command:
disable radius
Configuring RADIUS Accounting
Extreme switches are capable of sending RADIUS accounting information. As with RADIUS
authentication, you can specify two servers for receipt of accounting information. You can configure
RADIUS accounting servers to be the same as the authentication servers, but this is not required.
To specify RADIUS accounting servers, use the following command:
configure radius-accounting [primary | secondary] server [<ipaddress> | <hostname>]
{<udp_port>} client-ip [<ipaddress>]
To configure the timeout if a server fails to respond, use the following command:
configure radius-accounting timeout <seconds>
RADIUS accounting also makes use of the shared secret password mechanism to validate
communication between network access devices and RADIUS accounting servers.
To specify shared secret passwords for RADIUS accounting servers, use the following command:
configure radius-accounting [primary | secondary] shared-secret {encrypted} [<string>]
After you configure RADIUS accounting server information, you must enable accounting before the
switch begins transmitting the information. You must enable RADIUS authentication for accounting
information to be generated. You can enable and disable accounting without affecting the current state
of RADIUS authentication.