Fortress Bridge: Command-Line Interface
96
Configure the Bridge interactively to authenticate users through
an external RADIUS server with set auth, as follows:
[GW]>
set auth external
IPserver:
123.45.67.89
[OK] set Server IP
AuthKey:
s3cr4ts5r6v7rk8y
[OK] set Authentication Key
The default RADIUS shared key is fortress.
The RADIUS shared key can also be set non-interactively with:
[GW]>
set auth -key
<sharedkey>
The -key switch does not apply to internal (local) user
authentication settings.
Disable RADIUS authentication on the Fortress Bridge with:
[GW]>
set auth off
The show auth and set auth commands are valid only in GW
(gateway) mode (refer to Section 6.1.1 for more detail).
6.4.8.2 Non-802.1X EAP Retry Interval Setting
When you are using an external non-802.1X RADIUS server
with the Bridge, you can tune the retransmission time for EAP
(Extensible Authentication Protocol) packets being sent to the
server and the EAP clients for which the Bridge is acting as the
authenticator.
View the Bridge’s EAP retry interval the
show
command:
[GW]>
show eapretryint
EAP retry interval in seconds 18
The Bridge’s EAP retry mechanism has a fixed, six-second
cycle, but the number of cycles allowed to elapse between EAP
retries is configurable.
Configure the EAP retry interval with the set command, in
whole-second values equal to or greater than six:
[GW]>
set eapretryint 6
[OK] set EAP retry Interval to 6
You can enter values for the EAP retry interval that are not
evenly divisible by six, but because the mechanism has a fixed
six-second cycle, the Bridge will round the value to the nearest
value that is evenly divisible by six:
[GW]>
set eapretryint 25
[OK] set EAP retry Interval to 24
The default EAP retry interval setting is 18 seconds.
The show eapretryint and set eapretryint commands are
valid only in GW (gateway) mode (refer to Section 6.1.1 for
more detail).