Cisco Systems XR radius-server host

Authentication, Authorization, and Accounting Commands on CiscoIOS XR Software radius-server host

SR-41

Cisco IOS XR System Security Command Reference

radius-server host

Tospecify a RADIUS server host, use the radius-server host command in global configuration mode.

To delete the specified RADIUS host, use theno form of this command.

radius-server host {hostname | ip-address} [auth-port port-number] [acct-port port-number]

[timeout seconds] [retransmit retries] [key string]

no radius-server host {hostname | ip-address} [auth-port port-number] [acct-port port-number]

Syntax Description

Defaults No RADIUS host is specified; use global radius-server command values.

Command Modes Global configuration

hostname Domain Name System (DNS) name of the RADIUS server host.

ip-address IP address of the RADIUS server host.

auth-port port-number (Optional) Specifiesthe User Datagram Protocol (UDP) destination port for

authentication requests; the host is not used for authentication if set to 0. If

unspecified, the port number defaults to 1645.

acct-port port-number (Optional) Specifies the UDP destination port for accounting requests; the

host is not used for accounting if set to 0. If unspecified, the port number

defaults to 1646.

timeout seconds (Optional) The time interval (in seconds) that the router waits for the

RADIUS server to reply before retransmitting. This setting overrides the

global value of the radius-server timeout command. If no timeout valueis

specified,the global value is used. Enter a value in the range from 1 to 1000.

Default is 5.

retransmit retries (Optional) The number of times a RADIUS request is re-sent to a server, if

that serveris not responding or responding slowly. This setting overrides the

global setting of the radius-server retransmit command. If no retransmit

value is specified,the global value is used. Enter a value in the range from 1

to 100. Default is 3.

key string (Optional) Specifiesthe authentication and encryption key used between the

router and the RADIUS server. This key overrides the global setting of the

radius-server key command. If no key string is specified, the global value

is used.

The key is a text string that must match the encryption key used on the

RADIUS server. Always configure the key as the last item in the

radius-server host command syntax. This is because the leading spaces are

ignored, but spaces within and at the end of the key are used. If you use

spaces in the key, do not enclose the key in quotation marks unless the

quotation marks themselves are part of the key.