Command Reference Guide
3Com Router 3000 Ethernet Family
Command Reference Guide
Chapter 1 AAA and RADIUS/HWTACACS Protocol
Configuration Commands
3Com Corporation
1-32
[3Com-radius-huawei] key authentication hello
# In the RADIUS scheme “huawei”, set the shared key for encrypting accounting
packets to “ok”.
[3Com-radius-huawei] key accounting ok
1.2.10 local-server
Syntax
local-server nas-ip ip-address key password
undo local-server nas-ip ip-address
View
System view
Parameter
nas-ip ip-address: NAS-IP address of the access server, in dotted decimal format. By
default, there is a local server with a NAS-IP of 127.0.0.1.
key password: Shared key of the local server, a string consisting of up to 16 characters.
It defaults to huawei.
Description
Use the local-server command to configure a local RADIUS authentication server.
Use the undo local-server command to delete a local RADIUS authentication server.
By default, the system creates a local RADIUS authentication server with the NAS-IP of
127.0.0.1 and the key of huawei.
Note that:
z In addition to the traditional RADIUS client function (that is, employing an
authentication/authorization server and a separate accounting server for user
authentication management), the router provides a simple local RADIUS server
function for authentication and authorization, which is called the local RADIUS
authentication server function.
z With the local RADIUS authentication server function, the UDP port for
authentication/authorization service must be 1645, and the UDP port for
accounting service must be 1646.
z The packet encryption key configured using the local-server nas-ip command
must be identical to that configured using the key authentication command in
RADIUS scheme view.
z Up to 16 local RADIUS authentication servers can be configured, including the
one created by the system by default.
Related command: radius scheme, state.