5-6
RADIUS Authentication and Accounting
Configuring the Switch for RADIUS Authentication
Configuring the Switch for RADIUS
Authentication
• Determine an acceptable timeout period for the switch to wait for a server to respond to a request. ProCurve
recommends that you begin with the default (five seconds).
• Determine how many times you want the switch to try contacting a RADIUS server before trying another RADIUS
server or quitting. (This depends on how many RADIUS servers you have configured the switch to access.)
• Determine whether you want to bypass a RADIUS server that fails to respond to requests for service. To shorten
authentication time, you can set a bypass period in the range of 1 to 1440 minutes for non-responsive servers. This
requires that you have multiple RADIUS servers accessible for service requests.
RADIUS Authentication Commands Page
aaa authentication 5-8
< console | telnet | ssh | web > < enable | login > radius* 5-8
< local | none > 5-8
[no] radius-server host < IP-address >5-10
[auth-port < port-number >] 5-10
[acct-port < port-number >] 5-10, 5-20
[key < server-specific key-string >] 5-10
[no] radius-server key < global key-string >5-12
radius-server timeout < 1 - 15> 5-12
radius-server retransmit < 1 - 5 > 5-12
[no] radius-server dead-time < 1 - 1440 > 5-14
show radius 5-25
[< host < ip-address>] 5-25
show authentication 5-27
show radius authentication 5-27
* The web authentication option for the web browser interface is available on
the 2600, 2600-PWR, and 2800 switches running software releases H.08.58
and I.08.60 or greater.