13-32 Administration Guide
hostname to be resolved using the Domain Name System (DNS) information configured in the router or by
using an IP address in dotted-quad notation. The RADIUS Server Addr/Name items are limited to 63
characters.
■ In addition to specifying the server’s hostname or IP address, you must also specify a RADIUS Server
Secret and an Alt RADIUS Server Secret (if configured) known to both the router and the RADIUS server.
The secret is used to encrypt RADIUS transactions in transit. The RADIUS Server Secret items are limited
to 31 characters.
The router’s RADIUS client implementation supports passwords longer than 16 characters and properly
encrypts such passwords per RFC 2138. Not all RADIUS server implementations handle passwords longer
than 16 characters.
■ RADIUS Identifier can be either an IP address or an arbitrary string to be used as the identifier in the
router’s outgoing Access-Request packets. The RADIUS identifier is limited to 63 characters.
■ RADIUS Server Authentication Port specifies the UDP destination port to which the router’s RADIUS
authentication requests will be sent. The default value is 1812, the official IANA-assigned UDP port
number for the RADIUS authentication service.
WW
WW
aa
aa
rr
rr
nn
nn
ii
ii
nn
nn
gg
gg
aa
aa
ll
ll
ee
ee
rr
rr
tt
tt
ss
ss
Certain security-related configuration changes cause the router to display a warning alert. Choosing either Local
then RADIUS or RADIUS then Local from the Security Databases pop-up menu when there are no configured
username/password pairs causes the router to present the following warning alert:
Advanced Security Options
+---------------------------------------------------------------+
+---------------------------------------------------------------+
| |
| You have no local passwords defined. If you continue you will |
| be unable to configure this device unless a Radius Server is |
| available to authenticate you. |
| |
| CONTINUE CANCEL |
| |
+---------------------------------------------------------------+