HP MSR Series Configuration Manual page 42
Hpe flexnetwork msr router series
Hide thumbs
Also See for MSR Series:
- Configuration manual (889 pages) ,
- Command reference manual (684 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
Step
3.
Specify RADIUS
authentication servers.
Specifying the RADIUS accounting servers and the relevant parameters
You can specify one primary accounting server and a maximum of 16 secondary accounting servers
for a RADIUS scheme. When the primary server is not available, the device searches for the
secondary servers in the order they are configured. The first secondary server in active state is used
for communication.
If redundancy is not required, specify only the primary server. A RADIUS accounting server can
function as the primary accounting server for one scheme and a secondary accounting server for
another scheme at the same time.
The device sends a stop-accounting request to the accounting server in the following situations:
•
The device receives a connection teardown request from a host.
•
The device receives a connection teardown command from an administrator.
When the maximum number of real-time accounting attempts is reached, the device disconnects
users who have no accounting responses.
RADIUS does not support accounting for FTP, SFTP, and SCP users.
To specify RADIUS accounting servers and the relevant parameters for a RADIUS scheme:
Step
1.
Enter system view.
2.
Enter RADIUS scheme view.
3.
Specify RADIUS accounting
servers.
Command
•
Specify the primary RADIUS
authentication server:
primary authentication
{ ipv4-address | ipv6
ipv6-address } [ port-number |
key { cipher | simple } string |
test-profile profile-name |
vpn-instance
vpn-instance-name ] *
•
Specify a secondary RADIUS
authentication server:
secondary authentication
{ ipv4-address | ipv6
ipv6-address } [ port-number |
key { cipher | simple } string |
test-profile profile-name |
vpn-instance
vpn-instance-name ] *
Command
system-view
radius scheme radius-scheme-name
•
Specify the primary RADIUS
accounting server:
primary accounting { ipv4-address |
ipv6 ipv6-address } [ port-number | key
{ cipher | simple } string |
vpn-instance vpn-instance-name ] *
•
Specify a secondary RADIUS
accounting server:
secondary accounting { ipv4-address
| ipv6 ipv6-address } [ port-number |
key { cipher | simple } string |
vpn-instance vpn-instance-name ] *
27
Remarks
By default, no authentication
server is specified.
To support server status detection,
specify an existing test profile for
the RADIUS authentication server.
If the test profile does not exist, the
device cannot detect the server
status.
Two authentication servers in a
scheme, primary or secondary,
cannot have the same
combination of IP address, port
number, and VPN.
Remarks
N/A
N/A
By default, no
accounting server is
specified.
Two accounting servers
in a scheme, primary or
secondary, cannot have
the same combination
of IP address, port
number, and VPN.
- Quick Links:
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
