Primary Authentication - H3C s3100 series Command Manual
Hide thumbs
Also See for s3100 series:
- Command manual (1244 pages) ,
- Operation manual (1057 pages) ,
- Installation manual (94 pages)
Table of Contents
Advertisement
# Specify the IP address of the primary accounting server for RADIUS scheme radius1 as 10.110.1.2,
the UDP port of the server as 1813, and the shared key of accounting packets as key1.
<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] primary accounting 10.110.1.2 1813 key key1
primary authentication
Syntax
primary authentication { ip-address | ipv6 ipv6-address } [ port-number ] [ key string ]
undo primary authentication
View
RADIUS scheme view
Parameters
ip-address: IP address of the primary authentication/authorization server to be used, in dotted decimal
notation.
ipv6 ipv6-address: IPv6 address of the primary authentication/authorization server.
port-number: UDP port number of the primary authentication/authorization server, ranging from 1 to
65535.
key string: Specifies the shared key for exchanging authentication and authorization packets with the
primary RADIUS authentication/authorization server. A shared key is a case-sensitive string of 1 to 16
characters.
Description
Use the primary authentication command to set the IP address, port number and shared key of the
primary RADIUS authentication/authorization server used by the current RADIUS scheme.
Use the undo primary authentication command to restore the default IP address and port number of
the primary RADIUS authentication/authorization server, which are 0.0.0.0 and 1812 respectively.
In the system default RADIUS scheme "system", the default IP address of the primary
authentication/authorization server is 127.0.0.1 and the default UDP port number is 1645. In a new
RADIUS scheme, the default IP address of the primary authentication/authorization server is 0.0.0.0
and the default UDP port number is 1812.
Note that:
After creating a new RADIUS scheme, you should configure the IP address and UDP port number
of each RADIUS server you want to use in this scheme. These RADIUS servers fall into two types:
authentication/authorization, and accounting. For each kind of server, you can configure two
servers in a RADIUS scheme: primary and secondary servers.
In an actual network environment, you can make RADIUS server-related configuration as required.
But you should configure at least one authentication/authorization server and one accounting
server, and at the same time, you should keep the RADIUS server port settings on the switch
consistent with those on the RADIUS servers.
You can configure a shared key for the primary authentication/authorization server by specifying
key string in this command. The shared key configured in this command is used in preference. If
1-48
- Quick Links:
- Cli Configuration Commands
- Login
Hide quick links:
Advertisement
Chapters
Table of Contents
