HP 5120 SI series Command Reference Manual page 62
Hide thumbs
Also See for 5120 SI series:
- Security configuration manual (385 pages) ,
- Installation manual (48 pages) ,
- Specification (33 pages)
Table of Contents
Advertisement
Default level
2: System level
Parameters
ipv4-address: IPv4 address of the primary authentication/authorization server.
ipv6 ipv6-address: IPv6 address of the primary authentication/authorization server.
port-number: UDP port number of the primary authentication/authorization server, which ranges from 1
to 65535 and defaults to 1812.
key [ cipher | simple ] key: Specifies a case-sensitive shared key for secure communication with the
primary RADIUS authentication/authorization server.
cipher key: Specifies a ciphertext shared key, which is a string of 1 to 1 17 characters in non-FIPS
•
mode and a string of 8 to 1 17 characters in FIPS mode.
simple key: Specifies a plaintext shared key. In non-FIPS mode, the key is a string of 1 to 64
•
characters. In FIPS mode, the key is a string of 8 to 64 characters that must include uppercase letters,
lowercase letters, numbers, and special characters.
If neither cipher nor simple is specified, you set a plaintext shared key string.
•
probe
username:
authentication/authorization server.
username name: Specifies the username in the authentication request that is used to detect the status of
the primary RADIUS authentication/authorization server.
interval interval: Specifies the interval between two server status detections. The value ranges from 1 to
3600 and defaults to 60, in minutes.
Description
Use the primary authentication command to specify the primary RADIUS authentication/authorization
server.
Use the undo primary authentication command to remove the configuration.
By default, no primary RADIUS authentication/authorization server is specified.
After creating a RADIUS scheme, you are supposed to configure the IP address and UDP port of each
RADIUS server (primary/secondary authentication/authorization or accounting server). Ensure that at
least one authentication/authorization server and one accounting server are configured, and that the
RADIUS service port settings on the device are consistent with the port settings on the RADIUS servers.
The shared key configured on the device for authentication/authorization packets and that configured on
the RADIUS server must be consistent.
The shared key configured by this command takes precedence over that configured by using the key
authentication [ cipher | simple ] key command.
The IP addresses of the primary and secondary authentication/authorization servers cannot be the same.
Otherwise, the configuration fails.
The IP addresses of the primary and secondary authentication/authorization servers must be of the same
IP version.
The IP addresses of the authentication/authorization servers and those of the accounting servers must be
of the same IP version.
In an authentication process, if you remove the primary authentication server, the communication with the
original primary server will time out, and the device will look for a server in active state from scratch: the
Enables
the
device
to
detect
the
status
51
of
the
primary
RADIUS
- Quick Links:
- Command Reference
Hide quick links:
Advertisement
Table of Contents
