3Com Switch 7750 Configuration Guide Guide
RADIUS Configuration 503
n
Telnet and FTP users can use the display connection command to view the
connection, but they cannot use the cut connection command to cut down the
connection.
RADIUS Configuration The RADIUS protocol configuration is performed on a RADIUS scheme basis. In an
actual network environment, you can either use a single RADIUS server or two
RADIUS servers (primary and secondary servers with the same configuration but
different IP addresses) in a RADIUS scheme. After creating a new RADIUS scheme,
you should configure the IP address and UDP port number of each RADIUS server
you want to use in this scheme. These RADIUS servers fall into two types:
authentication/authorization, and accounting. And for each kind of server, you
can configure two servers in a RADIUS scheme: primary server and secondary
server. A RADIUS scheme has the following attributes: IP addresses of the primary
and secondary servers, shared keys, and types of the RADIUS servers.
In an actual network environment, you can configure the above parameters as
required. But you should configure at least one authentication/authorization server
and one accounting server, and at the same time, you should keep the RADIUS
service port settings on the switch consistent with those on the RADIUS servers.
n
Actually, the RADIUS protocol configuration only defines the parameters used for
information exchange between the switch and the RADIUS servers. To make these
parameters take effect, you must reference the RADIUS scheme configured with
these parameters in an ISP domain view. For specific configuration commands,
refer to
“AAA Configuration”.
Creating a RADIUS
Scheme
The RADIUS protocol configuration is performed on a RADIUS scheme basis. You
should first create a RADIUS scheme and enter its view before performing other
RADIUS protocol configurations.
c
CAUTION: A RADIUS scheme can be referenced by multiple ISP domains
simultaneously.
Configuring RADIUS
Authentication/Authoriz
ation Servers
Table 382 Create a RADIUS scheme
Operation Command Description
Enter system view system-view -
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme
named "system" has already
been created in the system.
Table 383 Configure RADIUS authentication/authorization server
Operation Command Description
Enter system view system-view -
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme
named "system" has already
been created in the system.