Manualshelf

User Manual

ManualsBrandsPLANET Technology ManualsLAN SwitchesLayer 3 24-Port 10G SFP+ + 4-Port 100G QSFP28 Managed Switch
919293949596979899100
95
Users Manual of XGS-6350-24X4C
To configure RADIUS to use the AAA security commands, you must specify the host running the RADIUS
server daemon and a secret text (key) string that it shares with the router.
To configure per-server RADIUS server communication, use the following command in global configuration
mode:
Command Purpose
radius-server hostip-address
[auth-portport-number][acct-portportnumber]
Specifies the IP address or host name of the remote
RADIUS server host and assign authentication and
accounting destination port numbers.
radius-server keystring
Specifies the shared secret text string used between
the router and a RADIUS server.
To configure global communication settings between the router and a RADIUS server, use the following
radius-server commands in global configuration mode:
Command Purpose
radius-server retransmitretries
Specifies how many times the switch transmits each
RADIUS request to the server before giving up (the
default is 2).
radius-server timeout seconds
Specifies for how many seconds a switch waits for a
reply to a RADIUS request before retransmitting the
request.
radius-server deadtime minutes
Specifies for how many minutes a RADIUS server that
is not responding to authentication requests is passed
over by requests for RADIUS authentication.
6.2.4.2 Configuring Switch to Use Vendor-Specific RADIUS Attributes
The Internet Engineering Task Force (IETF) draft standard specifies a method for communicating
vendor-specific information between the network access server and the RADIUS server by using the
vendor-specific attribute (attribute 26).
Vendor-specific attributes (VSAs) allow vendors to support their own extended attributes not suitable for
general use.
For more information about vendor-IDs and VSAs, refer to RFC 2138, Remote Authentication Dial-In User
Service (RADIUS). To configure the network access server to recognize and use VSAs, use the following
command in global configuration mode:
Command Purpose
radius-servervsa send [authentication] Enables the network access server to recognize
and use VSAs as defined by RADIUS IETF
attribute 26.