Manualshelf

R3102-R3103-HP 6600/HSR6600 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR6602-XG Router
81828384858687888990
75
undo primary authentication
Default
No primary RADIUS authentication/authorization server is specified.
Views
RADIUS scheme view
Default command level
2: System level
Parameters
ipv4-address: Specifies the IPv4 address of the primary RADIUS authentication/authorization server.
ipv6 ipv6-address: Specifies the IPv6 address of the primary RADIUS authentication/authorization server,
which must be a valid global unicast address.
port-number: Specifies the service port number of the primary RADIUS authentication/authorization
server, which is a UDP port number ranging from 1 to 65535 and defaults to 1812.
key [ cipher | simple ] key: Specifies the shared key for secure communication with the primary RADIUS
authentication/authorization server. In FIPS mode, the shared key must be a string of at least 8 characters
that contain numbers, uppercase letters, lowercase letters, and special characters, and is encrypted and
decrypted by using 3DES.
cipher key: Specifies a ciphertext shared key, which is a case-sensitive ciphertext string of 1 to 117
characters.
simple key: Specifies a plaintext shared key, which is a case-sensitive string of 1 to 64 characters.
If neither cipher nor simple is specified, you set a plaintext shared key string.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the primary RADIUS
authentication/authorization server belongs. The vpn-instance-name argument is a case-sensitive string
of 1 to 31 characters. If the server is on the public network, do not specify this option.
probe: Enables the device to detect the status of the primary RADIUS authentication/authorization server.
username name: Specifies the username in the authentication request that is used to detect the status of
the primary RADIUS authentication/authorization server.
interval interval: Specifies the interval between two server status detections. The value ranges from 1 to
3600 and defaults to 60, in minutes.
Usage guidelines
Make sure the port number and shared key settings of the primary RADIUS authentication/authorization
server are the same as those configured on the server.
The shared key configured by this command takes precedence over that configured by using the key
authentication [ cipher | simple ] key command. For secrecy, all shared keys, including keys configured
in plain text, are saved in cipher text.
The IP addresses of the authentication/authorization servers and those of the accounting servers must be
of the same IP version.
The IP addresses of the primary and secondary authentication/authorization servers must be different
from each other. Otherwise, the configuration fails.