R3204P16-HP Load Balancing Module Security Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

101

102

103

104

105

106

107

108

109

110

101

primary authentication (RADIUS scheme view)

Syntax

primary authentication ip-address [ port-number ] [ key string ]

undo primary authentication

View

RADIUS scheme view

Default level

2: System level

Parameters

ip-address: IPv4 address of the primary authentication/authorization server.

port-number: UDP port number of the primary authentication/authorization server, which ranges from 1

to 65535 and defaults to 1812.

key string: Specifies the shared key for exchanging authentication and authorization packets with the

primary RADIUS authentication/authorization server. A shared key is a case-sensitive string of 1 to 64

characters.

Description

Use the primary authentication command to specify the primary RADIUS authentication/authorization

server.

Use the undo primary authentication command to remove the configuration.

By default, no primary RADIUS authentication/authorization server is specified.

After creating a RADIUS scheme, you are supposed to configure the IP address and UDP port of each

RADIUS server (primary/secondary authentication/authorization or accounting server). Ensure that at

least one authentication/authorization server and one accounting server are configured, and that the

RADIUS service port settings on the LB module are consistent with the port settings on the RADIUS

servers.

The shared key configured on the LB module for authentication/authorization packets and that

configured on the RADIUS server must be consistent.

The shared key configured in this command is used in preference. If the key string keyword and argument

combination is not configured here, the shared key configured in the key authentication string command

will be used.

The IP addresses of the primary and secondary authentication/authorization servers cannot be the same.

Otherwise, the configuration fails.

The IP addresses of the primary and secondary authentication/authorization servers must be of the same

IP version.

The IP addresses of the authentication/authorization servers and those of the accounting servers must be

of the same IP version.

You can use the commands to change the settings only when no user is using the RADIUS scheme.

Related commands: key, radius scheme, and state.

Examples

# Specify the primary authentication/authorization server for RADIUS scheme radius1.