Command: /cfg/sys/radius
[RADIUS Server | Menu] | |
prisrv | - | Set primary RADIUS server address |
secsrv | - | Set secondary RADIUS server address |
secret | - | Set primary RADIUS server secret |
secret2 | - | Set secondary RADIUS server secret |
port | - | Set RADIUS port |
retries | - | Set RADIUS server retries |
timeout | - | Set RADIUS server timeout |
bckdoor | - | Enable/disable RADIUS backdoor for telnet/ssh/http/https |
secbd | - | Enable/disable RADIUS secure backdoor for telnet/ssh/http/https |
on | - | Turn RADIUS authentication ON |
off | - | Turn RADIUS authentication OFF |
cur | - | Display current RADIUS configuration |
NOTE: See the Application Guide for information on RADIUS.
The following table describes the RADIUS Server Configuration Menu options.
Table 61 RADIUS Server Configuration Menu options
Command |
| Description | |
prisrv <IP address> | Sets the primary RADIUS server address. | ||
secsrv <IP address> | Sets the secondary RADIUS server address. | ||
secret | This is the shared secret between the switch and the RADIUS | ||
|
| server(s). | |
secret2 | This is the secondary shared secret between the switch and the | ||
|
| RADIUS server(s). | |
port <UDP port number> | Enter the number of the User Datagram Protocol (UDP) port to be | ||
|
| configured, between | |
retries | Sets the number of failed authentication requests before switching to a | ||
|
| different RADIUS server. The range is | |
|
| requests. | |
timeout | Sets the amount of time, in seconds, before a RADIUS server | ||
|
| authentication attempt is considered to have failed. The range is | |
|
| seconds. The default is 3 seconds. | |
| bckdoor enabledisable | Enables or disables the RADIUS back door for telnet/SSH/ | ||
|
| HTTP/HTTPS. The default value is disabled. This command does not | |
|
| apply when secure backdoor (secbd) is enabled. | |
| secbd enabledisable | Enables or disables the RADIUS back door using secure password for | ||
|
| telnet/SSH/ HTTP/HTTPS. The default value is disabled. This | |
|
| command does not apply when backdoor (bckdoor) is enabled. | |
on |
| Enables the RADIUS server. | |
off |
| Disables the RADIUS server. This is the default. | |
cur |
| Displays the current RADIUS server parameters. | |
|
|
| |
IMPORTANT: | If RADIUS is enabled, you must login using RADIUS authentication when connecting via the | ||
console or Telnet/SSH/HTTP/HTTPS. Backdoor for console is always enabled, so you can connect using noradius and the administrator password even if the backdoor (bckdoor) or secure backdoor (secbd) are disabled.
If backdoor is enabled (bckdoor ena), type in noradius as a backdoor to bypass RADIUS checking, and use the administrator password to log into the switch. The switch allows this even if RADIUS servers are available.
If secure backdoor is enabled (secbd ena), type in noradius as a backdoor to bypass RADIUS checking, and use the administrator password to log into the switch. The switch allows this only if RADIUS servers are not available.
Command Line Interface 65