R0106-HP MSR Router Series Security Configuration Guide(V7)
24
• The test profile configuration is removed for the RADIUS server in RADIUS scheme view.
• The test profile is deleted.
• The RADIUS server is manually set to the blocked state.
• The RADIUS scheme is deleted.
To configure a test profile for RADIUS server status detection:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Configure a test profile for
detecting the status of
RADIUS authentication
servers.
radius-server test-profile
profile-name username name
[ interval interval ]
By default, no test profile is created
on the device to detect the status of
RADIUS servers.
You can configure multiple test
profiles by executing this command
multiple times.
Creating a RADIUS scheme
Create a RADIUS scheme before performing any other RADIUS configurations. You can configure up to
16 RADIUS schemes. A RADIUS scheme can be referenced by multiple ISP domains.
To create a RADIUS scheme:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Create a RADIUS scheme and
enter RADIUS scheme view.
radius scheme
radius-scheme-name
By default, no RADIUS scheme is
defined.
Specifying the RADIUS authentication servers
A RADIUS authentication server completes authentication and authorization together, because
authorization information is piggybacked in authentication responses sent to RADIUS clients.
You can specify one primary authentication server and up to 16 secondary authentication servers for a
RADIUS scheme. When the primary server is not available, the device searches for the secondary servers
in the order they are configured. The first secondary server in active state is used for communication.
If redundancy is not required, specify only the primary server. A RADIUS authentication server can
function as the primary authentication server for one scheme and a secondary authentication server for
another scheme at the same time.
To specify RADIUS authentication servers for a RADIUS scheme:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter RADIUS scheme
view.
radius scheme radius-scheme-name N/A