Filter
Top Products
Chapter 2 Configuring User Profiles and CSS Parameters
Configuring the CSS as a Client of a RADIUS Server
2-28
Cisco Content Services Switch Basic Configuration Guide
78-11424-03
If no response is returned by the RADIUS server within a period of time, the
authentication request is retransmitteda predefined number oftimes (both options
are specified in the radius-server command). The RADIUS client can forward
requests to an alternate secondary RADIUS server in the event that the primary
server is down or is unreachable.
In a configuration where both a primary RADIUS server and a secondary
RADIUS server are specified, and one or both of the RADIUS servers become
unreachable, the CSS automatically transmits a keepalive authentication request
to query the server(s). The CSS transmits the username “query” and the password
“areyouup” to the RADIUS server (encrypted with the RADIUS server’s key) to
determine its state. The CSS continues to send this keepalive authentication
request until the RADIUS server indicates that it is available.
Configuring the CSS as a RADIUS Client
Note This section assumes that you have properly configured your
RADIUS server implementation. Cisco Systems does not provide
RADIUS server software, and it is beyond the scope of this
document to cover the different RADIUS server configurations.
Use the radius-server command and its options to specify the RADIUS server
host (primary RADIUS server, and, optionally, a secondary RADIUS Server),
communication time interval settings, and a shared secret text string. This
command is available in configuration mode. The options for this command are:
• radius-server primary ip_address secret string {auth-port port_number}-
Specify the primary RADIUS server.
• radius-serversecondary ip_addresssecretstring {auth-port port_number}
- Specify the secondary RADIUS server. Configuration of a secondary
RADIUS server is optional.
• radius-server dead-time seconds - Set the time interval (in seconds) that the
CSS probes an inactive RADIUS server (primary and secondary) to
determine if it is back online.