Table of Contents
Advertisement
Command Manual - Security
Quidway S3500 Series Ethernet Switches
Description
Using
key
authentication/authorization or accounting packet. Using undo key command, you can
restore the default key.
RADIUS client (switch system) and RADIUS server use MD5 algorithm to encrypt the
exchanged packets. The two ends verify the packet through setting the encryption key.
Only when the keys are identical can both ends accept the packets from each other and
give responses. So it is necessary to ensure that the keys set on the switch and the
RADIUS server are identical. If the authentication/authorization and accounting are
performed on two different servers with different encryption keys, you are supposed to
set two encryption keys respectively.
For the related commands, see primary accounting, primary authentication, radius
scheme.
Example
Example 1:
# Set the authentication/authorization key of the RADIUS scheme, huawei, to "hello".
[Quidway-radius-huawei] key authentication hello
Example 2:
# Set the accounting packet key of the RADIUS scheme, huawei, to "ok".
[Quidway-radius-huawei] key accounting ok
3.2.9 local-server
Syntax
local-server nas-ip ip-address key password
undo local-server nas-ip ip-address
View
System view
Parameter
nas-ip ip-address: set NAS-IP address of access server. ip-address is expressed in the
format of dotted decimal. By default, there is a local server with the NAS-IP address of
127.0.0.1.
key password: Set password of logon user. password is a character string containing
up to 16 characters.
Chapter 3 AAA & RADIUS Protocol Configuration Commands
command,
you
can
Huawei Technologies Proprietary
3-26
configure
encryption
key
for
RADIUS
- Quick Links:
- Logging in Switch Commands
Hide quick links:
Advertisement
Chapters
Table of Contents
