3Com 7700 Configuration Manual page 263


Configuring the AAA and RADIUS Protocols

Table 20 Set IP Address and Port Number of RADIUS Server

Operation                                     Command

Restore IP address and port number of second  undo secondary authentication
RADIUS authentication/authorization server
to the default values.

Set IP address and port number of second      secondary accounting ip-address [port-number]
RADIUS accounting server.

Restore IP address and port number of second  undo secondary accounting
RADIUS accounting server to the default
values.

In real networking environments, set the above parameters according to the
specific requirements. For example, you may specify 4 groups of different data
to map 4 RADIUS servers, or specify one of the two servers as primary
authentication/authorization server and second accounting server and the other
one as second authentication/authorization server and primary accounting server.
You may also set 4 groups of exactly the same data so that every server serves
as a primary and second AAA server.

To ensure normal interaction between the NAS and the RADIUS server, make sure
that the routes between the RADIUS server and the NAS work before setting the
IP address and UDP port of the RADIUS server. Because the RADIUS protocol uses
different UDP ports to receive/transmit authentication/authorization and
accounting packets, you should set two different ports accordingly. As suggested
by RFC2138/2139, the authentication/authorization port number is 1812 and the
accounting port number is 1813. However, you may use values other than the
suggested ones. (In particular, on some earlier RADIUS servers the
authentication/authorization port number is often set to 1645 and the accounting
port number to 1646.)

The RADIUS service port settings on the Switch 7700 need to be consistent with
the port settings on the RADIUS server. Normally, the RADIUS accounting service
port is 1813 and the authentication/authorization service port is 1812.

By default, all the IP addresses of the primary/second
authentication/authorization and accounting servers are 0.0.0.0, the
authentication/authorization service port is 1812 and the accounting service
UDP port is 1813.

Setting the RADIUS Packet Encryption Key

The RADIUS client (switch system) and the RADIUS server use the MD5 algorithm to
encrypt the exchanged packets. The two ends verify each packet by means of the
configured encryption key. Only when the keys are identical can both ends accept
the packets from each other and respond.

Perform the following configurations in RADIUS server group view.

Table 21 Set RADIUS Packet Encryption Key

Operation                                     Command

Set RADIUS authentication/authorization       key authentication string
packet encryption key
