Table of Contents
Advertisement
Command Manual - Security
Quidway S2000 Series Ethernet Switches
2.2.6 key
Syntax
key { accounting | authentication } string
undo key { accounting | authentication }
View
RADIUS server group view
Parameter
accounting: Configures to set/delete the encryption key for RADIUS accounting
packet.
authentication: Configures
authentication/authorization packet.
string: Specifies the key with a character string not exceeding 16 characters, excluding
"/", ": ", "*", "? ", "<" and ">". By default, the key is "huawei".
Description
Using
key
authentication/authorization or accounting packet. Using undo key command, you can
restore the default key.
RADIUS client (switch system) and RADIUS server use MD5 algorithm to encrypt the
exchanged packets. The two ends verify the packet through setting the encryption key.
Only when the keys are identical can both ends accept the packets from each other and
give responses. So it is necessary to ensure that the keys set on the switch and the
RADIUS server are identical. If the authentication/authorization and accounting are
performed on two different servers with different encryption keys, you are supposed to
set two encryption keys respectively.
For the related commands, see primary accounting, primary authentication, radius
scheme
Example
Example 1:
# Set the authentication/authorization key of the RADIUS server group, huawei, to
"hello".
[Quidway-radius-huawei] key authentication hello
Example 2:
# Set the accounting packet key of the RADIUS server group, huawei, to "ok".
[Quidway-radius-huawei] key accounting ok
to set/delete the
command,
you
can
2-20
Chapter 2 AAA Configuration Commands
encryption
configure
encryption
key for
RADIUS
key
for
RADIUS
Hide quick links:
Advertisement
Chapters
Table of Contents
