Manualshelf

3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
241242243244245246247248249250
RADIUS Protocol Configuration Commands 241
Parameter
accounting: Sets/Deletes a shared key for encrypting RADIUS accounting packets.
authentication: Sets/Deletes a shared key for encrypting RADIUS
authentication/authorization packets.
string: Shared key, a string of up to 16 characters.
Description
Use the key command to configure a shared key for encrypting RADIUS
authentication/authorization or accounting packets.
Use the undo key command to restore the default shared key.
The RADIUS client (that is, the security gateway) and RADIUS server use MD5
algorithm to encrypt the exchanged packets. The two ends verify packets using a
shared key. Only when the same key is used can both ends accept the packets
from each other and give responses. Therefore, it is necessary to ensure that the
same key is set on the security gateway and the RADIUS server. If the
authentication/authorization and accounting are performed on two server devices
with different shared keys, you must set one shared key for each.
By default, the key for authentication/authorization packets and accounting
packets is "3com".
Related command: primary accounting, primary authentication, and radius
scheme.
Example
# In the RADIUS scheme "3com", set the shared key used for encrypting
authentication/authorization packets to "hello".
[SecBlade_FW-radius-3com] key authentication hello
# In the RADIUS scheme "3com", set the shared key for encrypting accounting
packets to "ok".
[SecBlade_FW-radius-3com] key accounting ok
local-server Syntax
local-server nas-ip ip-address key password
undo local-server nas-ip ip-address
View
System view
Parameter
nas-ip ip-address: NAS-IP address of the access server, in dotted decimal format.
key password: Shared key of the access server, with a character string of up to 16
characters.