Authentication
TUT Systems, Inc Page 53 of 104 P/N 220-06288-20
• Support RADIUS ports 1812 and 1813 for RADIUS request and accounting ports
(per official RADIUS assigned ports)
• Support Session-Timeout attribute
• Support Idle-Timeout attribute
• Set the NAS type parameter
Note: RADIUS packages are available for all major Linux distributions.
When you communicate with the RADIUS server, use a shared secret of your choosing
to:
• Authenticate the SMS2000 with the RADIUS server.
• Verify responses returned from the RADIUS server to the SMS2000.
Note:
The auth add radius command does not automatically assume that the
same RADIUS server (with the same name and secret) is used for accounting,
you must configure it with these settings using the acct add command.
Command:
auth add radius server[:auth_port[:acct_port]] secret secret [retrans=times] [retrans-
primary-only=times] [timeout=seconds] [deadtime=minutes] [alias]
Syntax Description
Syntax Description
Server IP address or hostname of the RADIUS server
Secret Password to authenticate the SMS2000 with a RADIUS server
Auth_port Optional TCP/UDP UDP port on which to contact the RADIUS
server for RADIUS authentication requests. Default is 1812
Acct_port Optional TCP/UDP port on which to contact the RADIUS server
for RADIUS accounting requests. Default is 1813
Retrans=times Optional parameter indicating the number of retransmissions to a
RADIUS server with no response. The total number of
transmissions is retrans plus one.
retrans-primary-
only=times
Optional parameter indicating the number of retransmissions to the
primary RADIUS server before simultaneously trying backup and
primary servers. Must be less than retrans. The total number of
transmissions is the to the primary only before contacting backup
servers is retrans-primary-only plus one
timeout=seconds Optional parameter indicating the total number of seconds to wait
after transmitting a request to this RADIUS server without a
response.
deadtime=minutes Optional parameter indicating the number of minutes after a
RADIUS server fails to respond to an initial RADIUS request and
retrans retries before attempting to use that server again. After
failing to respond, a RADIUS server will be DEAD this number of
minutes.