mac

ManualsBrandsip ManualsNetworkingipv6

471

472

473

474

475

476

477

478

479

480

Commands for RADIUS

474

encrypted and its range should not exceed 64 characters;

primary for primary server. Multiple RADIUS Sever can be configured and

would be available. RADIUS Server will be searched by the configured order if primary

is not configured, otherwise, the specified RADIUS server will be used last.

[access-mode {dot1x|telnet}] designates the current RADIUS server only

use 802.1x authentication or telnet authentication, all services can use current RADIUS

server by default.

Command mode: Global Mode

Default: No RADIUS authentication server is configured by default.

Usage Guide: This command is used to specify the IPv4 address or IPv6 address and

port number, cipher key string and access mode of the specified RADIUS server for

switch authentication, multiple command instances can be configured. The port

parameter is used to specify authentication port number, which must be the same as the

specified authentication port in the RADIUS server, the default port number is 1812. If

this port number is set to 0, the specified server is regard as non-authenticating. This

command can be used repeatedly to configure multiple RADIUS servers communicating

with the switch, the configured order is used as the priority for the switch authentication

server. When the first server has responded (whether the authentication is successed or

failed), switch does not send the authentication request to the next. If primary is

specified, then the specified RADIUS server will be the primary server. It will use the

cipher key which be configured by radius-server key <string> global command if the

current RADIUS server not configure key<string>. Besides, it can designate the current

RADIUS server only use 802.1x authentication or telnet authentication via access-mode

option. It is not configure access-mode option and all services can use current RADIUS

server by default.

Example: Setting the RADIUS authentication server address as 2004:1:2:3::2.

Switch(config)#radius-server authentication host 2004:1:2:3::2

43.13 radius-server dead-time

Command: radius-server dead-time <minutes>

no radius-server dead-time

Function: Configures the restore time when RADIUS server is down; the “no

radius-server dead-time” command restores the default setting.

Parameters: <minute> is the down -restore time for RADIUS server in minutes, the

valid range is 1 to 255.

Command mode: Global Mode

Default: The default value is 5 minutes.