Configuring the AAA and RADIUS Protocols 287
When using the local RADIUS server function of the Switch 8800, remember that:
■ The number of the UDP port used for authentication is 1645 and the number
for accounting is 1646.
■ The password configured by local-server command must be the same as that of
the RADIUS authentication/authorization packet configured by the command
key authentication in the Radius server group view
Displaying and Debugging the AAA and RADIUS Protocols
After you configure RADIUS, execute the display command in all views to display
the operation of the AAA and RADIUS configuration, and to verify the effect of
the configuration. Execute the reset command in user view to reset AAA and
RADIUS configuration. Execute the debugging command in user view to debug
AAA and RADIUS.
Example: AAA and
RADIUS Protocol
Configuration
AAA/RADIUS protocol configuration commands are generally used together with
802.1x configuration commands. Refer to the typical configuration examples
provided in
“Configuring 802.1x” on page 267.
Configuring FTP/Telnet User Authentication at Remote RADIUS Server
Configuring Telnet user authentication at the remote server is similar to
configuring FTP users. The following description is based on Telnet users.
Table 35 Display and Debug AAA and RADIUS Protocol
Operation Command
Display the configuration information of the
specified or all the ISP domains.
display domain [isp-name]
Display related information of user’s
connection
display connection {access-type {dot1x |
gcm} | domain isp-name | interface portnum
| ip ip-address | mac mac-address |
radius-scheme radius-scheme-name | vlan
vlanid | ucibindex ucib-index | user-name
user-name}
Display related information of the local user display local-user [domain isp-name |
idle-cut {disable | enable} | service-type
{telnet | ftp | lan-access
} | state {active |
block} | user-name user-name | vlan vlan-id]
Display information of local RADIUS server
group
display local-server statistics
Display the configuration information of all
the RADIUS server groups or a specified one
display radius [radius-server-name]
Display the statistics information of RADIUS
packets
display radius statistics
Reset the statistics of the Radius server reset radius statistics
Display the stopping accounting requests
saved in buffer without response (from system
view)
display stop-accounting-buffer
{radius-scheme radius-scheme-name |
session-id session-id | time-range start-time
stop-time | user-name user-name}
Delete the stopping accounting requests
saved in buffer without response (from system
view)
reset stop-accounting-buffer
{radius-scheme radius-scheme-name |
session-id session-id | time-range start-time
stop-time | user-name user-name}