H3C S7500E Series Ethernet Switches Operation Manual
Operation Manual – AAA RADIUS HWTACACS
H3C S7500E Series Ethernet Switches
Chapter 1 AAA/RADIUS/HWTACACS
Configuration
1-24
1.4.2 Specifying the RADIUS Authentication/Authorization Servers
Follow these steps to specify the RADIUS authentication/authorization servers:
To do… Use the command… Remarks
Enter system view
system-view
—
Create a RADIUS scheme
and enter RADIUS scheme
view
radius scheme
radius-scheme-name
Required
Not defined by default
Specify the primary RADIUS
authentication/authorization
server
primary
authentication
ip-address
[ port-number ]
Specify the secondary
RADIUS
authentication/authorization
server
secondary
authentication
ip-address
[ port-number ]
Required
Use either approach
By default, neither the
primary nor the secondary
authentication/authorizatio
n server is specified.
Note:
z It is recommended to specify only the primary RADIUS authentication/authorization
server if backup is not required.
z In practice, you may specify two RADIUS servers as the primary and secondary
authentication/authorization servers respectively. At a moment, a server can be the
primary authentication/authorization server for a scheme and the secondary
authentication/authorization servers for another scheme.
z The IP addresses of the primary and secondary authentication/authorization
servers for a scheme cannot be the same. Otherwise, the configuration fails.
1.4.3 Configuring the RADIUS Accounting Servers and Relevant Parameters
Follow these steps to specify the RADIUS accounting servers and perform related
configurations:
To do… Use the command… Remarks
Enter system view
system-view
—
Create a RADIUS scheme
and enter RADIUS
scheme view
radius scheme
radius-scheme-name
Required
Not defined by default