If you use the primary authentication command to modify or delete the primary authentication server
during an authentication process, communication with the primary server times out, and the device looks
for an active server with the highest priority for authentication.
For security purpose, all shared keys, including shared keys configured in plain text, are saved in cipher
text.
Examples
# Specify the primary authentication server with IP address 10.110 .1.1, U D P p o r t n u m b e r 1812, a n d
plaintext shared key hello for RADIUS scheme radius1.
<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] primary authentication 10.110.1.1 1812 key simple hello
Related commands
• display radius scheme
• key (RADIUS scheme view)
• secondary authentication (RADIUS scheme view)
• vpn-instance (RADIUS scheme view)
radius nas-ip
Use radius nas-ip to specify a source address for outgoing RADIUS packets.
Use undo radius nas-ip to delete a source address for outgoing RADIUS packets.
Syntax
radius nas-ip { ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ]
undo radius nas-ip { ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ]
Default
The source IP address of an outgoing RADIUS packet is the IP address of the outbound interface.
Views
System view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies an IPv4 address, which must be an address of the device and cannot be 0.0.0.0,
255.255.255.255, a class D address, a class E address, or a loopback address.
ipv6 ipv6-address: Specifies an IPv6 address, which must be a unicast address of the device and cannot
be a loopback address or a link-local address.
44
To Next Page
Loading...
Need help?
General
