Support User Manuals

Dell FCX624-S Laptop User Manual

Open as PDF

of 1494

1188 PowerConnect B-Series FCX Configuration Guide

53-1002266-01

Configuring RADIUS security

32

Syntax: [no] enable snmp <config-radius | config-tacacs>

The <config-radius> parameter specifies the RADIUS configuration mode. RADIUS is disabled by

default.

The <config-tacacs> parameter specifies the TACACS configuration mode. TACACS is disabled by

default.

Identifying the RADIUS server to the Dell PowerConnect device

To use a RADIUS server to authenticate access to a Dell PowerConnect device, you must identify

the server to the Dell PowerConnect device.

Example

PowerConnect(config)#radius-server host 209.157.22.99

Syntax: radius-server host <ip-addr> | <iipv6-addr> | <server-name> [auth-port <number>]

[acct-port <number>]

The host <ip-addr> | <ipv6-addr> | <server-name> parameter is either an IP address or an ASCII

text string.

The <auth-port> parameter is the Authentication port number. The default is 1645.

The <acct-port> parameter is the Accounting port number. The default is 1646.

Specifying different servers for individual AAA functions

In a RADIUS configuration, you can designate a server to handle a specific AAA task. For example,

you can designate one RADIUS server to handle authorization and another RADIUS server to

handle accounting. You can specify individual servers for authentication and accounting, but not

for authorization. You can set the RADIUS key for each server.

To specify different RADIUS servers for authentication, authorization, and accounting, enter

commands such as the following.

PowerConnect(config)#radius-server host 1.2.3.4 authentication-only key abc

PowerConnect(config)#radius-server host 1.2.3.5 authorization-only key def

PowerConnect(config)#radius-server host 1.2.3.6 accounting-only key ghi

Syntax: radius-server host <ip-addr> | <ipv6-addr> | <server-name> [auth-port <number>]

[acct-port <number>] [authentication-only | accounting-only | default] [key 0 | 1

<string>]

The default parameter causes the server to be used for all AAA functions.

After authentication takes place, the server that performed the authentication is used for

authorization and accounting. If the authenticating server cannot perform the requested function,

then the next server in the configured list of servers is tried; this process repeats until a server that

can perform the requested function is found, or every server in the configured list has been tried.

previous next