set radius-snooping flow
Example
This example enables RS on ports ge.1.10 through ge.1.15, sets the timeout to 15 seconds and
enables drop:
Matrix(rw)->set radius-snooping enable timeout 15 drop enable ge.1.10-15
set radius-snooping flow
Use this command to provide for the entering of RADIUS client and server session flow entries
into the RS flow table.
Syntax
set radius-snooping flow index client-IP-Address server-IP-Address {port |
standard} [secret]
Parameters
index
client‐IP‐Address
server‐IP‐Address
port
standard
secret
Defaults
If no secret is specified, no secret is used for this flow entry.
Mode
Read‐write.
Usage
RADIUS flows defined in the RS flow table are snooped if RS is enabled for both the system and
this port.
Flow entries are added to the flow table based upon the entry index value. The first matching
entry in the table is the entry used for the continuation of the authentication process.
If a secret is configured on the authentication server and not configured here, no validation will
occur.
Example
This example creates an index 1 entry in the RADIUS flow table for client 192.10.5.10 and server
192.10.20.1 for the standard UPD port 1812 with a secret mysecret:
Matrix(rw)->set radius-snooping flow 1 192.10.5.10 192.10.20.1 standard mysecret
Specifies a numeric index ID for this flow table entry.
Specifies the client IP address for this RS flow table entry.
Specifies the server IP address for this RS flow table entry.
Specifies the RADIUS UDP port to use for this RS flow table entry.
Specifies RADIUS UDP standard port 1812.
Specifies the RADIUS secret for this RS flow table entry.
Enterasys Matrix DFE-Gold Series Configuration Guide 26-5
Understanding RADIUS Snooper