HP 10500 Series Configuration Manual page 35

Security configuration guide

Changing the RADIUS server type restores the unit for data flows and the unit for packets sent to the RADIUS server to their defaults.

To set the RADIUS server type:

| Step | Command | Remarks |
|---|---|---|
| 1. Enter system view. | system-view | N/A |
| 2. Enter RADIUS scheme view. | radius scheme radius-scheme-name | N/A |
| 3. Set the RADIUS server type. | server-type { extended \| standard } | Optional. The default RADIUS server type is standard. |

Setting the maximum number of RADIUS request transmission attempts

RADIUS uses UDP packets to transfer data. UDP communication is not reliable. To improve reliability, RADIUS uses a retransmission mechanism. If a NAS sends a RADIUS request to a RADIUS server but receives no response before the response timeout timer (defined by the timer response-timeout command) expires, it retransmits the request. If the number of transmission attempts exceeds the specified limit and the NAS still receives no response, it tries to communicate with other RADIUS servers in active state. If no other servers are in active state at the time, it considers the authentication or accounting attempt a failure. For more information about RADIUS server states, see "Setting the status of RADIUS servers."

The maximum number of transmission attempts of RADIUS packets multiplied by the RADIUS server response timeout period cannot be greater than 75 seconds. For more information about the RADIUS server response timeout timer, see "Setting RADIUS timers."

To set the maximum number of RADIUS request transmission attempts for a scheme:

| Step | Command | Remarks |
|---|---|---|
| 1. Enter system view. | system-view | N/A |
| 2. Enter RADIUS scheme view. | radius scheme radius-scheme-name | N/A |
| 3. Set the maximum number of RADIUS request transmission attempts. | retry retry-times | Optional. The default setting is 3. |

Setting the status of RADIUS servers

By setting the status of RADIUS servers to blocked or active, you can control which servers the device communicates with for AAA or uses when the current servers are no longer available. In practice, you can specify one primary RADIUS server and multiple secondary RADIUS servers, with the secondary servers functioning as backups of the primary server. Generally, the device chooses servers based on these rules:

- When the primary server is in active state, the device communicates with the primary server.
- If the primary server fails, the device changes the server's status to blocked, starts a quiet timer for the server, and tries to communicate with a secondary server in active state (a secondary server configured earlier has a higher priority).
- If the secondary server is unreachable, the device changes the server's status to blocked, starts a quiet timer for the server, and continues to check the next secondary server in active state. This search process continues until the device finds an available secondary server or has checked all secondary servers in active state.
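The retransmission limit and the server-selection rules described in this section can be modelled to estimate how long an authentication attempt stalls before the device reaches a working server. This is an added example, not code from the HP guide: the `Server` class, the `validate` and `authenticate` functions and the `reachable` flag are assumptions made for illustration, and the quiet timer is not simulated.

```python
from dataclasses import dataclass

MAX_PRODUCT_S = 75  # limit stated in the guide: retry x response timeout <= 75 s


@dataclass
class Server:
    name: str
    state: str = "active"    # "active" or "blocked"
    reachable: bool = True   # constructed test condition, not a device setting


def validate(retry: int, timeout_s: int) -> None:
    """Reject retry/timeout pairs that break the 75-second rule."""
    if retry < 1 or timeout_s < 1:
        raise ValueError("retry and timeout must be positive")
    if retry * timeout_s > MAX_PRODUCT_S:
        raise ValueError(f"{retry} x {timeout_s}s exceeds {MAX_PRODUCT_S}s")


def authenticate(servers, timeout_s, retry=3):
    """Walk the primary, then the secondaries in configuration order.

    servers[0] is the primary; retry=3 is the default given in the guide.
    Returns (name of the answering server or None, seconds spent waiting).
    """
    validate(retry, timeout_s)
    waited = 0
    for srv in servers:
        if srv.state != "active":   # blocked servers are skipped
            continue
        if srv.reachable:
            return srv.name, waited
        # Every attempt timed out: block the server. The device would also
        # start its quiet timer here, which this model does not simulate.
        waited += retry * timeout_s
        srv.state = "blocked"
    return None, waited             # no active server answered: failure


if __name__ == "__main__":
    # Constructed scenario: primary and first secondary are down.
    pool = [Server("primary", reachable=False),
            Server("secondary-1", reachable=False),
            Server("secondary-2")]
    print(authenticate(pool, timeout_s=5))   # first request pays for both dead servers
    print(authenticate(pool, timeout_s=5))   # later requests skip the blocked ones
```

Each unreachable server in active state adds up to retry x timeout seconds to the first request, so the order and number of secondary servers directly affects worst-case login delay.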
