109
Enhancements in Release F.04.08
Configuring RADIUS Authentication and Accounting
2. Configure the Switch To Access a RADIUS Server
This section describes how to configure the switch to interact with a RADIUS server for both
authentication and accounting services. (If you want to configure RADIUS accounting on the switch,
go to “Configuring RADIUS Accounting” on page 114 instead of continuing here.)
Syntax: [no] radius-server host < ip-address > Adds a server to the RADIUS configuration or
(with no) deletes a server from the configura-
tion. You can configure up to three RADIUS
server addresses. The switch uses the first
server it successfully accesses. (Refer to
"Changing the RADIUS Server Access Order"
on page 126.)
[auth-port < port-number >] Optional. Changes the UDP destination
port for authentication requests to the
specified RADIUS server (host). If you do not
use this option with the radius-server host
command, the switch automatically assigns
the default authentication port number. The
auth-port number must match its server
counterpart. (Default: 1812)
[acct-port < port-number >] Optional. Changes the UDP destination
port for accounting requests to the specified
RADIUS server. If you do not use this option
with the radius-server host command, the
switch automatically assigns the default
accounting port number. The acct-port num-
ber must match its server counterpart.
(Default: 1813)
[key < key-string >] Optional. Specifies an encryption key for use
during authentication (or accounting)
sessions with the specified server. This key
must match the encryption key used on the
RADIUS server. Use this command only if the
specified server requires a different
encryption key than configured for the global
encryption key.
no radius-server host < ip-address > key Use the no form of the command to remove
the key for a specified server.