Manualshelf

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

ManualsBrandsHP ManualsStorageCisco MDS 9513 with Supervisor 2 Director Switch
261262263264265266267268269270
Send feedback to nx5000-docfeedback@cisco.com
17-11
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 17 Configuring RADIUS
Configuring RADIUS Servers
The following example shows how to configure the accounting and authentication attributes for a
RADIUS server:
switch# configure terminal
switch(config)# radius-server host 10.10.1.1 acct-port 2004
switch(config)# radius-server host 10.10.1.1 accounting
switch(config)# radius-server host 10.10.2.2 auth-port 2005
switch(config)# radius-server host 10.10.2.2 authentication
switch(config)# exit
switch(config)# show radius-server
switch# copy running-config startup-config
Configuring Periodic RADIUS Server Monitoring
You can monitor the availability of RADIUS servers. These parameters include the username and
password to use for the server and an idle timer. The idle timer specifies the interval during which a
RADIUS server receives no requests before the Nexus 5000 Series switch sends out a test packet. You
can configure this option to test servers periodically.
Note For security reasons, we recommend that you do not configure a test username that is the same as an
existing user in the RADIUS database.
The test idle timer specifies the interval during which a RADIUS server receives no requests before the
Nexus 5000 Series switch sends out a test packet.
Note The default idle timer value is 0 minutes. When the idle time interval is 0 minutes, the Nexus 5000 Series
switch does not perform periodic RADIUS server monitoring.
Step 4
switch(config)# radius-server host
{ipv4-address | ipv6-address | host-name}
auth-port udp-port
(Optional) Specifies a UDP port to use for RADIUS
authentication messages. The default UDP port is
1812. The range is from 0 to 65535.
Step 5
switch(config)# radius-server host
{ipv4-address | ipv6-address | host-name}
authentication
(Optional) Specifies that the specified RADIUS
server only be used for authentication purposes. The
default is both accounting and authentication.
Step 6
switch(config)# exit
Exits configuration mode.
Step 7
switch(config)# show radius-server
(Optional) Displays the RADIUS server
configuration.
Step 8
switch# copy running-config startup-config
(Optional) Copies the running configuration to the
startup configuration.
Command Purpose