RADIUS Authentication and Accounting
Configuring the Switch for RADIUS Authentication
3. Configure the Switch’s Global RADIUS Parameters
You can configure the switch for the following global RADIUS parameters:
■ Number of login attempts: In a given session, specifies how many
tries at entering the correct username and password pair are allowed
before access is denied and the session terminated. (This is a general
aaa authentication parameter and is not specific to RADIUS.)
■ Global server key: The server key the switch will use for contacts
with all RADIUS servers for which there is not a server-specific key
configured by radius-server host < ip-address > key < key-string >.
This key is optional if you configure a server-specific key for each
RADIUS server entered in the switch. (Refer to
“2. Configure the
Switch To Access a RADIUS Server” on page 5-10.)
■ Server timeout: Defines the time period in seconds for authentica-
tion attempts. If the timeout period expires before a response is
received, the attempt fails.
■ Server dead time: Specifies the time in minutes during which the
switch avoids requesting authentication from a server that has not
responded to previous requests.
■ Retransmit attempts: If the first attempt to contact a RADIUS
server fails, specifies how many retries you want the switch to attempt
on that server.
Syntax: aaa authentication num-attempts <1 - 10 >
Specifies how many tries for entering the correct user-
name and password before shutting down the session
due to input errors. (Default: 3; Range: 1 - 10).
[no] radius-server
key < global-key-string >
Specifies the global encryption key the switch uses with
servers for which the switch does not have a server-
specific key assignment. This key is optional if all
RADIUS server addresses configured in the switch
include a server-specific encryption key. (Default:
Null.)
5-12
To Next Page
Loading...
Need help?
General