H3C S9500 Series Operation Manual page 1161
Routing switches
Hide thumbs
Also See for S9500 Series:
- Command manual (1842 pages) ,
- Operation manual (1014 pages) ,
- Operating manual (76 pages)
Table of Contents
Advertisement
Operation Manual – AAA RADIUS HWTACACS
H3C S9500 Series Routing Switches
Set IP address and port number of primary RADIUS
authentication/authorization or accounting server.
Restore IP address and port number of primary
RADIUS authentication/authorization or accounting
server to the default values.
Set IP address and port number of secondary
RADIUS authentication/authorization or accounting
server.
Restore IP address and port number of secondary
RADIUS authentication/authorization or accounting
server to the default values.
Note:
When a user logs into the H3C S9500 routing switch that is directly connected with the
user PC, the switch can obtain the valid VLAN of the user (that is, VLAN the user
belongs to). But when the user logs into a H3C S9500 routing switch that is not directly
connected with the user PC (to perform cross-device management, for example), the
switch cannot obtain the valid VLAN information of the user, and thus the switch uses
the default VLAN ID (VLAN 1) to interact with the authentication server for
authentication.
As for the default RADIUS scheme system:
The IP address of the primary authentication server is 127.0.0.1, and the UDP port
number is 1645.
The IP address of the secondary authentication server is 0.0.0.0, and the UDP
port number is 1812.
The IP address of the primary accounting server is 127.0.0.1, and the UDP port
number is 1646
The IP address of the secondary accounting server is 0.0.0.0, and the UDP port
number is 1813;
As for the newly created RADIUS scheme:
The IP address of the primary/secondary authentication server is 0.0.0.0, and the
UDP port number of this server is 1812;
The IP address of the primary/secondary accounting server is 0.0.0.0, and the
UDP port number of this server is 1813;
In real networking environments, the above parameters shall be set according to the
specific requirements. For example, you may specify 4 groups of different data to map 4
RADIUS
To do...
servers,
or
specify
Chapter 1 AAA, RADIUS and HWTACACS
primary { accountig |
authenticaiton } ip-address
[ port-number ]
undo primary { accounting
| authentication }
secondary { accounting |
authentication } ip-address
[ port-number ]
undo secondary
{ accounting |
authentication }
one
of
the
two
1-16
Protocol Configuration
Use the command...
servers
as
primary
Advertisement
Chapters
Table of Contents
Troubleshooting
