Managing Authentication Servers RADIUS Servers
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 31-11
The following table lists the VSAs supported for RADIUS accounting servers. The attributes in the
radius.ini file can be modified if necessary.
Configuring the RADIUS Client
Use the aaa radius-server command to configure RADIUS parameters on the switch.
When creating a new server, at least one host name or IP address (IPv4 or IPv6) (specified by the host
keyword) is required as well as the shared secret (specified by the key keyword).
In this example, the server name is rad1, the host address is 10.10.2.1, the backup address is 10.10.3.5,
and the shared secret is amadeus. Note that the shared secret must be configured exactly the same as on
the server.
-> aaa radius-server rad1 host 10.10.2.1 10.10.3.5 key amadeus
An option prompt-key is provided, which can be used to enter the secret key in a obscured format rather
than as clear text. When this option is selected, press the Enter key. A prompt appears prompting to enter
the secret key. Secret key needs to be re-entered, and only if both the entries match, command is accepted.
Key provided in this mode is not displayed on the CLI as text.
For example,
-> aaa radius-server rad1 prompt-key host 10.10.2.1
Enter Key: *******
Confirm Key: *******
To modify a RADIUS server, enter the server name and the desired parameter to be modified.
49 Acct-Terminal-Cause Indicates how the session was terminated:
NAS-ERROR
USER-ERROR
LOST CARRIER
USER-REQUEST
STATUS-FAIL
Num. Accounting VSA Type Description
1 Alcatel-Lucent-Auth-Group integer The authenticated VLAN number. The only protocol
associated with this attribute is Ethernet II. If other
protocols are required, use the protocol attribute
instead.
2 Alcatel-Lucent-Slot-Port string Slot(s)/port(s) valid for the user.
4 Alcatel-Lucent-Client-IP-
Addr
dotted
decimal
The IP address used for Telnet only.
5 Alcatel-Lucent-Group-Desc string Description of the authenticated VLAN.
RADIUS server keywords
key
host
retransmit
timeout
auth-port
acct-port
Num. Standard Attribute Description
To Next Page
Loading...
Need help?
General
