HP (Hewlett-Packard) 2600 Series Switch User Manual


 
5-13
RADIUS Authentication and Accounting
Configuring the Switch for RADIUS Authentication
Note Where the switch has multiple RADIUS servers configured to support authen-
tication requests, if the first server fails to respond, then the switch tries the
next server in the list, and so-on. If none of the servers respond, then the switch
attempts to use the secondary authentication method configured for the type
of access being attempted (console, Telnet, or SSH). If this occurs, refer to
“RADIUS-Related Problems” in the Troubleshooting chapter of the Manage-
ment and Configuration Guide for your switch.
Syntax: aaa authentication num-attempts < 1 - 10 >
Specifies how many tries for entering the correct user-
name and password before shutting down the session
due to input errors. (Default: 3; Range: 1 - 10).
[no] radius-server
key < global-key-string >
Specifies the global encryption key the switch uses with
servers for which the switch does not have a server-
specific key assignment. This key is optional if all
RADIUS server addresses configured in the switch
include a server-specific encryption key. (Default:
Null.)
dead-time < 1 - 1440 >
Optional. Specifies the time in minutes during which
the switch will not attempt to use a RADIUS server that
has not responded to an earlier authentication attempt.
(Default: 0; Range: 1 - 1440 minutes)
radius-server timeout < 1 - 15 >
Specifies the maximum time the switch waits for a
response to an authentication request before counting
the attempt as a failure. (Default: 3 seconds; Range: 1
- 15 seconds)
radius-server retransmit < 1 - 5 >
If a RADIUS server fails to respond to an authentica-
tion request, specifies how many retries to attempt
before closing the session. Default: 3; Range: 1 - 5)