Filter
Top Products
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1-33
1.2.9 local-server
Syntax
local-server nas-ip ip-address key password
undo local-server nas-ip ip-address
View
System view
Parameter
nas-ip ip-address: Specifies the NAS-IP address of the local RADIUS server. Where,
ip-address is in dotted decimal notation.
key password: Specifies the shared key of the authentication server and access server.
Where, password is a character string of up to 16 characters.
Description
Use the local-server command to create a local RADIUS authentication server (that is,
set the related parameters of the server).
Use the undo local-server command to delete the specified local RADIUS
authentication server.
By default, a local RADIUS authentication server is used, whose default NAS-IP and
key are 127.0.0.1 and 3Com respectively. That is, the local device serves as a RADIUS
authentication server and a network access server, and all authentications are
performed locally.
Note that:
z The switch not only supports the traditional RADIUS client service to accomplish
user AAA management through foreign authentication/authorization server and
accounting server, but also provides a simple local RADIUS server function for
authentication and authorization. This function is called local RADIUS
authentication server function.
z When you use the local RADIUS authentication server function, the UDP port
number for the authentication/authorization service must be 1645, the UDP port
number for the accounting service is 1646.
z The packet encryption key set by the local-server command with the key
password parameter must be identical with the authentication/authorization packet
encryption key set by the key authentication command in RADIUS scheme view.
z The switch supports at most 16 IP addresses and shared keys of the network
access server (including the default local RADIUS authentication server); that is,
when the switch serves as a RADIUS authentication server, it can support at most
16 network access servers simultaneously to provide authentication.