4-28 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.1
Chapter 4
CLI Command Use the following CLI commands to configure the RADIUS client on the
switch:
To enable or disable RADIUS client, (configure)# set radius
authentication [{enabled | disabled}]
To assign the switch to a group, (configure)# set radius
authentication group <group>
To set the user account realm that is authorized to log in to this
switch, (configure)# set radius authentication realm
<realm>.
To set the maximum number of Access-Request messages t o send i f
the server does not reply, (configure)# set radius
authentication retry-number <retry-number>
To set the time to wait before attempting to reauthe nticate a login,
(configure)# set radius authentication retry-number <retry-
time-in-seconds>
To set the primary or secondary RADIUS server, (configure)#
set radius authentication server <ip-addr> <shared-secret>
[encrypted-type1] [{primary | secondary}]
Retry Number Enter the number of times to resend the Access-Request
message if the RADIUS server does not respond.
Retry Time Enter the time (in seconds) to wait before resending an
Access-Request message.
UDP Port Enter the UDP port number that you want the switch to use
for RADIUS authentication. The default value is 1812.
Valid options are 1812 or 1645 only.
Switch-Service-
Type Required If this setting is enabled, the switch recognizes only
Access-Accept messages that have the correct switch
service type VSA (attribute 1).
If this setting is disabled, the switch recognizes both the
switch service type VSA and the service type standard
radius attribute (attribute 6). For the standard radius
attribute, the switch recognizes only two values:
• Administrative (value 6)
• NAS-Prompt (7),which the switch recognizes as read-
only access.
Table 4-4. RADIUS Web Page Configuration Parameters
Parameter Definition
2 of 2