Radius server key, Radius server msgauth | NETGEAR NETGEAR manual

User Manual for the NETGEAR 7300S Series Layer 3 Managed Switch Software

radius server key

This command is used to configure the shared secret between the RADIUS client and the RADIUS accounting / authentication server. Depending on whether the 'auth' or 'acct' token is used, the shared secret will be configured for the RADIUS authentication or RADIUS accounting server. The IP address provided must match a previously configured server. When this command is executed, the secret will be prompted. The secret must be an alphanumeric value not exceeding 20 characters.

Format	radius server key {auth acct} <ipaddr>
Mode	Global Config

radius server msgauth

This command enables the message authenticator attribute for a specified server.

Default	radius	server	msgauth <ipaddr>
Mode	Global	Config

radius server primary

This command is used to configure the primary RADIUS authentication server for this RADIUS client. The primary server is the one that is used by default for handling RADIUS requests. The remaining configured servers are only used if the primary server cannot be reached. A maximum of three servers can be configured on each client. Only one of these servers can be configured as the primary. If a primary server is already configured prior to this command being executed, the server specified by the IP address specified used in this command will become the new primary server. The IP address must match that of a previously configured RADIUS authentication server.

Format	radius server primary <ipaddr>
Mode	Global Config

radius server retransmit

This command sets the maximum number of times a request packet is re-transmitted when no response is received from the RADIUS server. The retries value is an integer in the range of 1 to 15.

Default10

Security Commands

9-19

202-10088-01, March 2005

Image 225

NETGEAR NETGEAR Radius server key, Radius server msgauth, Radius server primary, Radius server retransmit, Default10

Contents

202-10088-01, March Technical Support Canadian Department of Communications Compliance Statement 202-10088-01, March Contents Chapter Command Line Interface Structure 202-10088-01, March 202-10088-01, March 202-10088-01, March 202-10088-01, March Pre-login Banner System Log Syslog User Account Commands 202-10088-01, March 100 202-10088-01, March 202-10088-01, March Chapter Security Commands 202-10088-01, March 202-10088-01, March Chapter Routing Commands Xxii 202-10088-01, March Chapter Quality of Service QoS Commands 202-10088-01, March 202-10088-01, March Chapter Managing Switch Stacks Appendix a Is CLI Mapping Appendix B Cabling Guidelines Contents Xxx Contents Why the Document was Created How to Use This DocumentAudience Special Message Formats Typographical Conventions About This Guide About This Guide Scope Switch Management Overview Comparing Switch Management Methods Set Up Your Switch Using Direct Console Access Chapter Administration Console Interface Connection Description Connection Settings Administration Console Interface Chapter Web-Based Management Interface Web Based Management Overview How to Log In to the Managed Switch Login window opens System Information Web-Based Management Utility Features Interactive switch image Interactive Switch Image Main Menus Menus Switch Secondary MenusManagement Routing System-Wide Popup MenusTraffic Management Smart Wizard Port-Specific Popup Menus Web-Based Management Interface Command CLI Command Format Values Parameters Macaddr Conventions Annotations Chapter Quick Start up Quick Starting the Switch System Info and System Setup Quick Start up Software Version InformationQuick Start up Physical Port Data Quick Start up IP Address Quick Start up User Account Management Quick Start up IP Address Xmodem Quick Start up Uploading from Switch to Out-of-Band PC Only Quick Start up Downloading from Tftp Server Quick Start up Factory Defaults Chapter Mode-based CLI Enter the ip dhcp pool Correct Mode-based Topology Command prompt shown at this level is Mode-based Command Hierarchy Figuration mode to configure the QoS policy map Invalid input detected at ‘’ marker Flow of Operation No Form of a Command Behavior of Command Help ?Support for No Form Mode-based CLI System Information and Statistics Commands Chapter Switching Commands Show arp switch Show eventlogShow hardware Show interface Show interface ethernet Packets Received Packets Received Successfully Packets Received with MAC Errors Received Packets not forwarded Packets Transmitted Octets Transmit Errors Packets Transmitted SuccessfullyTransmit Discards Protocol Statistics Dot1x Statistics Switching Commands Show mac-addr-table Show logging Show msglog Show running-config System Management Commands Show sysinfoSnmp-server Telnet Transport input telnetNo transport input telnet Session-timeout Transport output telnetSession-limit Bridge aging-time No session-timeoutSeconds No bridge aging-time Network javamode MtuNetwork mac-address No mtu Network mac-type Network parmsNo network mac-type Network protocol Telnetcon timeoutTelnetcon maxsessions No telnetcon maxsessions No telnetcon timeout Serial timeoutNo serial timeout Serial baudrate Serviceport protocol Serviceport ipSet prompt Show telnet Show network Show forwardingdb agetime Java Mode Format ModeShow telnetcon Show serial Show serviceport Show snmpcommunity Snmp Community CommandsClient IP Address Client IP Mask Show trapflags Show snmptrap No snmp-server community Snmp-server community Snmp-server community ipmask Snmp-server community ipaddrNo snmp-server community ipaddr No snmp-server community ipmask No snmp-server community mode Snmp-server community modeSnmp-server community ro Snmp-server community rw Snmp-server enable traps bcaststorm Snmp-server enable trapsSnmp-server enable traps linkmode No snmp-server enable traps Snmp-server enable traps stpmode Snmp-server enable traps multiusersNo snmp-server enable traps linkmode No snmp-server enable traps stpmode No snmptrap mode Snmptrap modeSnmptrap Snmptrap ipaddr Snmp trap link-status all Snmp trap link-statusNo snmp trap link-status No snmp trap link-status all System Configuration Commands Management Vlan CommandNetwork mgmtvlan Addport Deleteport Global Config Deleteport Interface ConfigAuto-negotiate all No auto-negotiate Macfilter Macfilter adddestNo macfilter Macfilter addsrc Macfilter adddest allNo macfilter adddest No macfilter adddest all Monitor session Macfilter addsrc allNo macfilter addsrc No macfilter addsrc all No monitor session mode Monitor session modeShutdown No monitor session Speed all Shutdown allNo shutdown 100f 10h 10f 100h Storm-control broadcast100f No storm-control broadcast Storm-control flowcontrol Show mac-address-table multicastNo storm-control flowcontrol Show mac-address-table staticfiltering Show mac-address-table static Show mac-address-table stats Show monitorShow port Show port protocol Show storm-control Virtual LAN Vlan CommandsVlan No vlan Vlan ingressfilter Vlan acceptframeNo vlan acceptframe No vlan ingressfilter Vlan name Vlan makestaticVlan participation No vlan name Vlan port acceptframe all Vlan participation allExclude Auto Vlan port pvid all Vlan port ingressfilter allNo vlan port acceptframe all No vlan port ingressfilter all Vlan protocol group Vlan port tagging allVlan protocol group add protocol No vlan port tagging all Protocol group Vlan protocol group removeNo vlan protocol group add protocol No protocol group Protocol vlan group all Protocol vlan groupNo protocol vlan group No protocol vlan group all Vlan tagging Vlan pvidShow vlan No vlan pvid Vlan Name ConfiguredVlan Type Current Show vlan brief Show vlan portPort Vlan ID System Utility Commands TracerouteIngress Filtering Enable passwd Clear configClear counters Clear igmpsnooping Clear traplog Clear port-channelClear vlan Logout Reload PingCopy Formatreload Pre-login Banner Configuration Scripting CLI Command LoggingLogging cli-command No logging cli-command Format Configscript delete Configscript applyConfigscript list Configscript show System Log Syslog Configscript validate Logging buffered wrap Logging bufferedLogging console No logging buffered Logging host Logging historyNo logging console No logging history Logging port Logging host removeLogging syslog No logging port Client Local Port Show logging history Show logging buffered Admin StatusShow logging hosts Severity Level Filter Simple Network Time Protocol Sntp Sntp client modeSntp broadcast client poll-interval Host Status Sntp client port Sntp client modeSntp unicast client poll-interval No sntp client port No sntp unicast client poll-timeout Sntp unicast client poll-timeoutSntp unicast client poll-retry Sntp multicast client poll-interval Show sntp Sntp server Show sntp server Show sntp client User Account Commands Show loginsessionDisconnect Connection From Show usersIdle Time Session Time Users passwd Users nameNo users name No users passwd Users snmpv3 authentication Users snmpv3 accessmodeNo users snmpv3 accessmode No users snmpv3 authentication Dhcp Server Commands Users snmpv3 encryptionNo users snmpv3 encryption Client-name Client-identifierNo client-identifier No client-name No default-router Default-routerDns-server Hardware-address Ip dhcp excluded-address HostNo hardware-address No host Ip dhcp ping packets DefaultnoneIp dhcp pool No ip dhcp excluded-address Network LeaseNo ip dhcp pool No lease Bootfile Service dhcpNo service dhcp No bootfile No ip dhcp bootp automatic Ip dhcp bootp automaticDomain-name Ip dhcp conflict logging Netbios-node-type Netbios-name-serverNo netbios-name-server No ip dhcp conflict logging Next-server No netbios-node-typeOption No next-server Show ip dhcp global configuration Show ip dhcp bindingNo option Show ip dhcp server statistics Show ip dhcp pool configuration Show ip dhcp conflict Clear ip dhcp binding Provisioning Ieee 802.1p CommandsClear ip dhcp server statistics Clear ip dhcp conflict Show classofservice dot1pmapping Classofservice dot1pmappingVlan port priority all Vlan priority Garp Commands Set garp timer joinNo set garp timer join Set garp timer leave Set garp timer join allNo set garp timer join all No set garp timer leave Set garp timer leaveall Set garp timer leave allNo set garp timer leave all No set garp timer leaveall No set garp timer leaveall all Set garp timer leaveall allGmrp Admin Mode Gvrp Admin Mode Set gvrp adminmode Garp Vlan Registration Protocol Gvrp CommandsNo set gvrp adminmode Set gvrp interfacemode Set gvrp interfacemode all Show gvrp configuration Set gmrp adminmode Garp Multicast Registration Protocol Gmrp CommandsPort Gmrp Mode No set gmrp adminmode Set gmrp interfacemode all Set gmrp interfacemodeNo set gmrp interfacemode No set gmrp interfacemode all Show mac-address-table gmrp Show gmrp configuration Set igmp Internet Group Management Protocol Igmp Commands Set igmp groupmembership-interval No set igmpNo set igmp groupmembership-interval Set igmp maxresponse Set igmp interfacemode allNo set igmp interfacemode all No set igmp maxresponse Set igmp mcrtrexpiretime Format Mode Admin ModeShow igmpsnooping No set igmp mcrtrexpiretime Show mac-address-table igmpsnooping Igmp Snooping per Vlan No set igmp groupmembershipinterval Set igmp groupmembershipinterval Set igmp mcrtexpiretime Set igmp fast-leaveNo set igmp mcrtexpiretime No set igmp fast-leave Link Aggregation LAG/Port-Channel 802.3AD Commands Fast Leave ModePort-channel staticcapability Port lacpmode all Port lacpmodeNo port-channel staticcapability No port lacpmode No port-channel adminmode Port-channel adminmode allPort-channel Port-channel linktrap Show port-channel brief Port-channel name Show port-channel Spanning-tree max-hops Spanning Tree STP CommandsSpanning-tree No spanning-tree max-hops Spanning-tree configuration revision Spanning-tree configuration nameNo spanning-tree configuration name No spanning-tree Spanning-tree edgeport No spanning-tree configuration revisionSpanning-tree forceversion No spanning-tree edgeport Spanning-tree hello-time Spanning-tree forward-timeNo spanning-tree forceversion No spanning-tree forward-time Spanning-tree max-age Spanning-tree mstNo spanning-tree max-age No spanning-tree mst Cost auto external-cost auto port-priorty Spanning-tree mst priority Spanning-tree mst instanceNo spanning-tree mst instance No spanning-tree mst priority No spanning-tree port mode Spanning-tree port modeSpanning-tree mst vlan No spanning-tree mst vlan Spanning-tree bpdumigrationcheck Spanning-tree port mode all Show spanning-tree Show spanning-tree interface Port mode Show spanning-tree mst port detailed Show spanning-tree mst detailed Port Forwarding State Port PriorityPort Role Port Path Cost Show spanning-tree mst summary Show spanning-tree mst port summaryCST Regional Root CST Port Cost Show spanning-tree vlan Show spanning-tree summary Switching Commands 133 Mode Topology Change Designated Root Root Path CostRoot Port Identifier Root Port Max Age Bridge Forward Delay Root Port Bridge Forward Delay Derived valueCST Regional Root Regional Root Path Cost Bridge Identifier Bridge Max Age RST BPDUs Transmitted STP BPDUs TransmittedMstp BPDUs Transmitted Mstp BPDUs Received MST Instance ID Port Identifier Port Priority Configured value indicating if this port is an edge port Port Security Port-securityNo port-security Port-security max-static Port-security max-dynamicNo port-security max-dynamic No port-security max-static No snmp-server enable traps violation Snmp-server enable traps violationPort-security mac-address Port-security mac-address move Show port-security Show port-security dynamicShow port-security static Port Based Network Access Control Ieee 802.1X Commands Authentication loginShow port-security violation No authentication login Dot1x defaultloginClear dot1x statistics Clear radius statistics Dot1x initialize Dot1x loginDot1x max-req No dot1x max-req Dot1x port-control Dot1x port-control AllNo dot1x port-control Dot1x re-authentication Dot1x re-authenticateNo dot1x re-authentication Dot1x system-auth-control No dot1x system-auth-control Dot1x timeout Dot1x user No dot1x timeoutShow radius accounting No dot1x user Show authentication Show dot1x Show authentication usersMethod User Supplicant Timeout Control ModeServer Timeout Protocol Version Control Direction Users defaultlogin Show users authenticationUsers login Show dot1x users Radius accounting mode Remote Authentication Dial In User Service Radius CommandsNo radius accounting mode Radius server host No radius server host Radius server key Default10Radius server msgauth Radius server primary No radius server timeout Radius server timeoutShow radius No radius server retransmit Show radius statistics Access Accepts Secure Shell SSH CommandsAccess Rejects Access Challenges Hypertext Transfer Protocol Http Commands Ip ssh protocolShow ip ssh Ip http secure-protocol Ip http secure-portIp http secure-server No ip http secure-port Ip http server Http ModeShow ip http No ip http server Security Commands Address Resolution Protocol ARP Commands ArpNo arp Arp cachesize Ip proxy-arpNo ip proxy-arp No arp cachesize Arp purge Arp dynamicrenewArp resptime No arp dynamicrenew No arp timeout Arp timeoutArp retries Clear arp-cache Age Time seconds Show arpRetries Cache Size IP Routing Show arp briefRouting Ip address Ip routingNo routing No ip routing Ip route Ip route defaultNo ip address No ip route Defaultenabled No ip route defaultIp route distance Ip forwarding Ip mtu Ip netdirbcastNo ip forwarding No ip netdirbcast Show ip interface Show ip brief Show ip route Show ip interface brief Show ip route entry Show ip route bestroutesProtocol Next Hop Intf Show ip stats Show ip route preferencesNext Hop Interface Preference Bootpdhcprelay cidoptmode Bootp/DHCP Relay CommandsNo bootpdhcprelay cidoptmode Encapsulation Bootpdhcprelay enable Bootpdhcprelay maxhopcountBootpdhcprelay minwaittime Show bootpdhcprelay Bootpdhcprelay serverip Ip irdp Router Discovery Protocol CommandsIp irdp address No ip irdp Ip irdp maxadvertinterval Ip irdp holdtimeNo ip irdp address No ip irdp holdtime Ip irdp preference Ip irdp minadvertintervalShow ip irdp No ip irdp minadvertinterval Vlan routing Virtual LAN Routing Commands Enable RIP Routing Information Protocol RIP CommandsShow ip vlan Logical Interface Default-information originate RIP Ip ripAuto-summary No default-information originate RIP Default-metric RIPNo default-metric RIP Distance rip No default-information originate Ip rip authenticationDistribute-list out No distribute-list out Ip rip receive version No ip rip authenticationIp rip send version No ip rip receive version Split-horizon HostroutesacceptNo ip rip send version No hostroutesaccept Show ip rip RedistributeFormat for other source protocol No redistribute Show ip rip interface brief RIP ModeSend Version Receive Version Show ip rip interface Mac access-list extended name Access Control List ACL Commands Mac access-list extended rename name newname No mac access-list extended nameDenypermit srcmac srcmacmask dstmac dstmacmask Mac access-group name inout sequence Show mac access-list name Show mac access-listsNo mac access-group name inout Access-list Ip access-group Ip access-group allShow ip access-lists Differentiated Services DiffServ Commands Source IP MaskDestination IP Mask Diffserv Service Levels Class CommandsNo diffserv Traffic Classification No class-map Match ethertype Class-map renameMatch secondary-cos Match secondary-vlan Match class-map Match any Match destination-address mac Match cos Match dstl4port Match dstip Match ip precedence Match ip dscp Match protocol Match ip tos Match source-address mac Match srcipMatch srcl4port Match vlan Policy Commands Assign-queue DropMark secondary-cos Conform-color RedirectBandwidth kbps Policy Type Incompatibilities Bandwidth percentClass Expedite percent Expedite kbps Policy Type Mark ip-dscp Mark cos Policy Type Incompatibilities Mark ip-precedencePolice-simple Police-single-rate Police-two-rate Policy-map Policy-map renameRandomdrop Shape peak Shape average Service-policy Service Commands No service-policy Show Commands Class Name Show class-mapClass Type Match Criteria Show diffserv Show policy-map Conform COSAssign Queue Mark IP Dscp Policy NameMark IP Precedence Policing Style Exceed Action BandwidthShaping Average Class Members Show diffserv serviceDirection Operational Status DiffServ Mode Show diffserv service briefPolicy Details OperStatus 11-38 Quality of Service QoS Commands Sent Octets/Packets Show service-policyDir Offered Packets Class of Service CoS Commands Classofservice dot1p-mappingClassofservice ip-dscp-mapping Classofservice trust Classofservice ip-precedence-mappingNo classofservice trust Cos-queue max-bandwidth Cos-queue min-bandwidth No cos-queue max-bandwidthCos-queue random-detect No cos-queue min-bandwidth Random-detect Cos-queue strictNo cos-queue strict No random-detect Random-detect queue-parms Random-detect exponential-weighting-constantTail-drop queue-parms No random-detect queue-parms Traffic-shape Show classofservice dot1p-mapping Show classofservice ip-precedence-mapping Show classofservice trustShow interfaces cos-queue Show interfaces random-detect Fig indication Show interfaces tail-drop-threshold Drop precedence level for this queue, from 1 to p. The spe 11-50 Quality of Service QoS Commands Understanding Switch Stacks Chapter Managing Switch Stacks Switch Stack Membership Managing Switch Stacks 12-3 Interconnect Ports 51 As shown Stack Member Numbers Stack Master Election and Re-Election Stack Member Priority Values Switch Stack Offline Configuration Managing Switch Stacks 12-7 Switch Stack Software Compatibility Recommendations Incompatible Software and Stack Member Image UpgradesSwitch Stack Configuration Files Switch Stack Configuration Scenarios Switch Stack Management ConnectivityConnectivity to the Switch Stack Through Console Ports Connectivity to the Switch Stack Through Telnet Stacking Recommendations General Practices Initial installation and Power-up of a Stack Removing a Unit from the Stack Adding a Unit to an Operating StackReplacing a Stack Member with a New Unit Renumbering Stack Members Moving a Master to a Different Unit in the Stack Removing a Master Unit from an Operating StackMerging Two Operational Stacks Upgrading Firmware Preconfiguration Code Mismatch Migration of Configuration With a Firmware Upgrade Appendix a Is CLI Mapping Config acl rule action aclid Rulenum permit/deny Exec Is CLI Mapping Config diffserv policy police style Policy-Cla Police-simple Is CLI Mapping Show diffserv class summary Privileged Exec User Class-Ma Match not cos Config Class-Ma Match not ip precedence Config Routing Show arp switch Privileged Is CLI Mapping Is CLI Mapping Vlan Router No enable Is CLI Mapping Is CLI Mapping Config Router No auto-summary Router No split-horizon 7300S Series L3 Switch CLI Command Mode Syntax Config snmptrap ipaddr Global Config telnet maxsessions Privileged Remotecon maxsessions Is CLI Mapping Global No spanning-tree configuration name Config Config spanningtree bridge priority Removed 61440 Interface No spanning-tree mst mstid cost Config Config syslocation location Global Snmp-server location loc Transfer download path path Show loginsession Privileged Show vlan summary Privileged Show vlan brief Exec User Show mfdb gmrp Privileged Show mac-address-table gmrp Config lag create name Global Port-channel name Global Deleteport logical slot/port all Config Is CLI Mapping Config protocol vlan add groupid Privileged No set gvrp adminmode Is CLI Mapping Security Show users authentication Privileged Is CLI Mapping Security Show radius server summary Privileged Is CLI Mapping All detail slot/port statistics Is CLI Mapping Fast Ethernet Cable Guidelines Appendix B Cabling Guidelines Category 5 Cable Category 5 Cable Specifications Twisted Pair Cables Specifications Category 5 Cable Requirements 4illustrates crossover twisted pair cable Patch Panels and Cables Cabling Using 1000BASE-T Gigabit Ethernet over Category 5 CableLength Return Loss RJ-45 Plug and RJ-45 Connectors Near End Cross Talk NextPatch Cables PIN Normal Assignment on Uplink Assignment on Ports 1 to Conclusion Numeric Appendix C Glossary See Area Border Router on See Autonomous System Boundary Router on Packet sent to all devices on a network See Command Line Interface on See Differentiated Services on Computer, printer, or server that is connected to a network See Generic Attribute Registration Protocol on See Garp Multicast Registration Protocol on Internet Control Message Protocol See Local Area Network on Megabits per second See Multi-Protocol Label Switching on See Multiplexing on See Open Systems Interconnection on Set of rules for communication between devices on a network See Routing Information Protocol on See Resource Reservation Setup Protocol on See Simple Network Management Protocol on See TLS on See Virtual Local Area Network on Wins