3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

501

502

503

504

505

506

507

508

509

510

506 CHAPTER 48: AAA & RADIUS & HWTACACS CONFIGURATION

CAUTION: You must set the share keys separately for the

authentication/authorization packets and the accounting packets if the

authentication/authorization server and the accounting server are different devices

and the shared keys on the two servers are also different.

Configuring the

Maximum Number of

Transmission Attempts

of RADIUS Requests

The communication in RADIUS is unreliable because this protocol adopts UDP

packets to carry data. Therefore, it is necessary for the switch to retransmit a

RADIUS request if it gets no response from the RADIUS server after the response

timeout timer expires. If the maximum number of transmission attempts is reached

and the switch still receives no answer, the switch considers that the request fails.

Configuring the

Supported RADIUS

Server Type

Configuring the Status

of RADIUS Servers

For the primary and secondary servers (authentication/authorization servers, or

accounting servers) in a RADIUS scheme:

When the switch fails to communicate with the primary server due to some server

trouble, the switch will actively exchange packets with the secondary server.

Set a shared key for the

RADIUS accounting packets

key accounting string

Required

By default, no shared key is

set.

Table 385 Configure shared keys for RADIUS packets

Operation Command Description

Tabl e 386 Configure the maximum transmission attempts of RADIUS request

Operation Command Description

Enter system view system-view -

Create a RADIUS scheme and

enter its view

radius scheme

radius-scheme-name

Required

By default, a RADIUS scheme

named "system" has already

been created in the system.

Set the maximum number of

transmission attempts of

RADIUS requests

retry retry-times

Optional

By default, the system tries

three times to transmit a

RADIUS request.

Tabl e 387 Configure the supported RADIUS server type

Operation Command Description

Enter system view system-view -

Create a RADIUS scheme and

enter its view

radius scheme

radius-scheme-name

Required

By default, a RADIUS scheme

named "system" has already

been created in the system.

Specify the type of RADIUS

server supported by the

switch

server-type { radius |

standard }

Optional

By default, the switch

supports the standard type of

RADIUS server. The type of

RADIUS server in the default

RADIUS scheme "system" is

radius.