Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
281282283284285286287288289290
282 CHAPTER 17: AAA/RADIUS/HWTACACS CONFIGURATION COMMANDS
Description
Use the local-server command to configure related parameters of the local
RADIUS authentication server.
Use the undo local-server command to delete some configured NAS-IP address.
By default, the system creates a local RADIUS authentication server with the
NAS-IP address being 127.0.0.1 and the shared key being 3com.
Note the following:
The device not only can serve as the RADIUS client to perform authentication
management on users through the authentication/authorization server and the
accounting server, but also can function as a simple RADIUS server (including
authentication and authorization).
If the local RADIUS authentication server function is adopted, the UDP port
used for authentication/authorization must be 1645, and the UDP port used
for accounting must be 1646.
The key configured by this command must be consistent with the key used for
authentication/authorization which is configured by the key authentication
command in RADIUS scheme view.
The device supports up to 16 network access servers, including the local
RADIUS authentication server created by the system.
Related command: radius scheme, state.
Example
# For the local RADIUS authentication server, set the IP address to be 10.110.1.2
and the login password to be aabbcc.
[SecBlade_FW] local-server nas-ip 10.110.1.2 key aabbcc
nas-ip Syntax
nas-ip ip-address
undo nas-ip
View
RADIUS view
Parameter
ip-address: IP address in dotted decimal format.
Description
Use the nas-ip command to set the source IP address of the network access server
(NAS, the security gateway in this manual), so that all packets destined for the
RADIUS server carry the same source IP address.
Use the undo nas-ip command to cancel the configuration.