210 CHAPTER 11: 802.1X CONFIGURATION
â– Configuring the Local RADIUS Authentication Server
â– Configuring Source Address for RADIUS Packets Sent by NAS
â– Setting the Timers of the RADIUS Server
Among the above tasks, creating the RADIUS scheme and setting the IP address of
the RADIUS server are required, while other tasks are optional and can be
performed as per your requirements.
Creating/Deleting a
RADIUS Scheme
As mentioned above, RADIUS protocol configurations are performed on the per
RADIUS scheme basis. Therefore, before performing other RADIUS protocol
configurations, it is essential to create the RADIUS scheme and enter its view to set
its IP address.
You can use the following commands to create/delete a RADIUS scheme.
Perform the following configurations in System View.
Table 220 Creating/Deleting a RADIUS Server Group
Several ISP domains can use a RADIUS scheme at the same time. You can
configure up to 16 RADIUS schemes, including the default scheme named as
system.
By default, the system has a RADIUS scheme named as system whose attributes
are all default values. The default attribute values will be introduced in the
following text.
Configuring RADIUS
Authentication/
Authorization Servers
After creating a RADIUS scheme, you have to set IP addresses and UDP port
numbers for the RADIUS servers, including primary/secondary
authentication/authorization servers and accounting servers. You can configure up
to four groups of IP addresses and UDP port numbers. However, as a minimum,
you have to set one group of IP address and UDP port number for each pair of
primary/secondary servers to ensure the normal AAA operation.
You can use the following commands to configure the IP address and port number
for RADIUS servers.
Perform the following configurations in RADIUS Scheme View.
Table 221 Configuring RADIUS Authentication/Authorization Servers
Operation Command
Create a RADIUS scheme and enter its view radius scheme
radius_scheme_name
Delete a RADIUS scheme undo radius scheme
radius_scheme_name
Operation Command
Set IP address and port number of primary
RADIUS authentication/authorization server.
primary authentication
ip_address [ port_number ]
Restore IP address and port number of primary
RADIUS authentication/authorization server to
the default values.
undo primary authentication
To Next Page
Loading...
Need help?
General