RADIUS Authentication and Accounting

Configuring the Switch for RADIUS Authentication

2. Configure the Switch To Access a RADIUS Server

This section describes how to configure the switch to interact with a RADIUS server for both authentication and accounting services.

N o t e

If you want to configure RADIUS accounting on the switch, go to page 3-16:

 

“Configuring RADIUS Accounting” instead of continuing here.

 

 

Syntax: [no] radius-server host < ip-address>

Adds a server to the RADIUS configuration or (with no) deletes a server from the configuration. You can configure up to three RADIUS server addresses. The switch uses the first server it successfully accesses. (Refer to "Changing the RADIUS Server Access Order" on page 3-27.)

[auth-port < port-number>]

Optional. Changes the UDP destination port for authenti­ cation requests to the specified RADIUS server (host). If you do not use this option with the radius-server host command, the switch automatically assigns the default authentication port number. The auth-portnumber must match its server counterpart. (Default: 1812)

[acct-port < port-number>]

Optional. Changes the UDP destination port for account­ ing requests to the specified RADIUS server. If you do not use this option with the radius-server host command, the switch automatically assigns the default accounting port number. The acct-portnumber must match its server coun­ terpart.(Default: 1813)

[key < key-string >]

Optional. Specifies an encryption key for use during authentication (or accounting) sessions with the specified server. This key must match the encryption key used on the RADIUS server. Use this command only if the specified server requires a different encryption key than configured for the global encryption key.

no radius-server host < ip-address> key

Use the no form of the command to remove the key for a specified server.

3-10

Page 64
Image 64
HP 4100gl manual Configure the Switch To Access a Radius Server, Configuring Radius Accounting instead of continuing here