Command Reference Guide

ManualsBrandsNEC ManualsSwitchN8406-022A

Command Reference Guide (ISCLI) Command Reference Guide (ISCLI) 67

RADIUS server configuration

NOTE: See the Application Guide for information on RADIUS.

The following table describes the RADIUS Server Configuration commands.

Table 65 RADIUS Server Configuration commands

Command

Description

[no] radius-server primary-host

<IP address> key <1-32

characters>

Sets the primary RADIUS server address and shared secret between

the switch and the RADIUS server(s).

Command mode: Global configuration

[no] radius-server secondary-

host <IP address> key <1-32

characters>

Sets the secondary RADIUS server address and shared secret

between the switch and the RADIUS server(s).

Command mode: Global configuration

radius-server port <UDP port

number>

Enter the number of the User Datagram Protocol (UDP) port to be

configured, between 1500-3000. The default is 1645.

Command mode: Global configuration

radius-server retransmit <1-3>

Sets the number of failed authentication requests before switching to a

different RADIUS server. The range is 1-3 requests. The default is 3

requests.

Command mode: Global configuration

radius-server timeout <1-10>

Sets the amount of time, in seconds, before a RADIUS server

authentication attempt is considered to have failed. The range is 1-10

seconds. The default is 3 seconds.

Command mode: Global configuration

[no] radius-server telnet-

backdoor

Enables or disables the RADIUS back door for telnet/SSH/

HTTP/HTTPS. The default is disabled. This command does not apply

when secure backdoor is enabled.

Command mode: Global configuration

[no] radius-server secure-

backdoor

Enables or disables the RADIUS back door using secure password for

telnet/SSH/ HTTP/HTTPS. The default is disabled. This command

does not apply when backdoor (telnet) is enabled.

Command mode: Global configuration

radius-server enable

Enables the RADIUS server.

Command mode: Global configuration

no radius-server enable

Disables the RADIUS server. This is the default.

Command mode: Global configuration

show radius-server

Displays the current RADIUS server parameters.

Command mode: All except User EXEC

IMPORTANT: If RADIUS is enabled, you must login using RADIUS authentication when connecting via the

console or Telnet/SSH/HTTP/HTTPS. Backdoor for console is always enabled, so you can connect using

noradius and the administrator password even if the backdoor (telnet) or secure backdoor (secbd) are

disabled.

If Telnet backdoor is enabled (telnet ena), type in noradius as a backdoor to bypass RADIUS checking,

and use the administrator password to log into the switch. The switch allows this even if RADIUS servers are

available.

If secure backdoor is enabled (secbd ena), type in noradius as a backdoor to bypass RADIUS checking,

and use the administrator password to log into the switch. The switch allows this only if RADIUS servers are

not available.