To do…

 

Use the command…

Remarks

 

 

 

Enter system view

 

system-view

 

 

 

 

 

 

 

 

 

 

 

 

 

Required

 

 

 

Create a RADIUS scheme and

 

radius scheme

By default, a RADIUS scheme

 

 

 

enter its view

 

radius-scheme-name

named "system" has already

 

 

 

 

 

 

been created in the system.

 

 

 

 

 

 

 

 

 

 

 

 

 

Required

 

 

 

Set the IP address and port

 

 

By default, the IP address and

 

 

 

number of the primary RADIUS

 

primary authentication

UDP port number of the

 

 

 

authentication/authorization

 

ip-address [ port-number ]

primary server are 0.0.0.0 and

 

 

 

server

 

 

1812 respectively for a newly

 

 

 

 

 

 

created RADIUS scheme.

 

 

 

 

 

 

 

 

 

 

 

 

 

Optional

 

 

 

Set the IP address and port

 

 

By default, the IP address and

 

 

 

number of the secondary

 

secondary authentication

UDP port number of the

 

 

 

RADIUS

 

secondary server are 0.0.0.0

 

 

 

ip-address [ port-number ]

 

 

 

authentication/authorization

and 1812 respectively for a

 

 

 

 

 

 

 

 

server

 

 

newly created RADIUS

 

 

 

 

 

 

scheme.

 

 

 

 

 

 

 

 

zThe authentication response sent from the RADIUS server to the RADIUS client carries authorization information. Therefore, you need not (and cannot) specify a separate RADIUS authorization server.

zIn an actual network environment, you can specify one server as both the primary and secondary authentication/authorization servers, as well as specifying two RADIUS servers as the primary and secondary authentication/authorization servers respectively.

zThe IP address and port number of the primary authentication server used by the default RADIUS scheme "system" are 127.0.0.1 and 1645.

Configuring RADIUS Accounting Servers

Follow these steps to configure RADIUS accounting servers:

 

To do…

 

Use the command…

 

Remarks

 

Enter system view

 

system-view

 

 

 

 

 

 

 

 

 

 

 

 

Required

 

Create a RADIUS scheme and

 

radius scheme

 

By default, a RADIUS scheme

 

enter its view

 

radius-scheme-name

 

named "system" has already

 

 

 

 

 

been created in the system.

 

 

 

 

 

 

 

 

 

 

 

Required

 

Set the IP address and port

 

primary accounting

 

By default, the IP address and

 

 

 

UDP port number of the

 

number of the primary RADIUS

 

 

 

 

ip-address [ port-number ]

 

primary accounting server are

 

accounting server

 

 

 

 

 

 

0.0.0.0 and 1813 for a newly

 

 

 

 

 

 

 

 

 

 

created RADIUS scheme.

 

 

 

 

 

 

 

2-11

 

 

Page 270
Image 270
3Com WX3000 Configuring Radius Accounting Servers, Primary authentication, Ip-address port-number, Primary accounting