Secondary Authentication (Radius Scheme View) - HP 3600 v2 Series Command Reference Manual
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (449 pages) ,
- Security configuration manual (398 pages)
Table of Contents
Advertisement
[Sysname] radius scheme radius2
[Sysname-radius-radius2] secondary accounting 10.110.1.1 1813 key hello
[Sysname-radius-radius2] secondary accounting 10.110.1.2 1813 key hello
secondary authentication (RADIUS scheme view)
Syntax
secondary authentication { ipv4-address | ipv6 ipv6-address } [ port-number | key [ cipher | simple ]
key | vpn-instance vpn-instance-name ] *
undo secondary authentication [ ipv4-address | ipv6 ipv6-address ]
View
RADIUS scheme view
Default level
2: System level
Parameters
ipv4-address: IPv4 address of the secondary authentication/authorization server, in dotted decimal
notation.
ipv6 ipv6-address: IPv6 address of the secondary authentication/authorization server.
port-number: Service port number of the secondary authentication/authorization server, a UDP port
number in the range of 1 to 65535. The default is 1812.
key [ cipher | simple ] key: Specifies the shared key (case sensitive) for secure communication with the
secondary RADIUS authentication/authorization server. Follow these guidelines:
This shared key must be the same as that configured on the RADIUS server.
•
•
With the cipher keyword specified, the key must be a ciphertext string of 12, 24, 32, 44, 64, 76, 88,
or 96 characters, for example, _(TT8F]Y\5SQ=^Q`MAF4<1!!, and the key will be displayed in
cipher text.
With the simple keyword specified, the key must be a plaintext string of 1 to 64 characters, for
•
example aabbcc, and the key will be displayed in plain text.
•
With neither the cipher keyword nor the simple keyword specified, the key must be a plaintext string
of 1 to 64 characters, and the key will be displayed in cipher text.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN that the secondary RADIUS
authentication/authorization server belongs to, where vpn-instance-name is a case-sensitive string of 1 to
31 characters. If the server is on the public network, do not specify this option.
Description
Use the secondary authentication command to specify secondary RADIUS authentication/authorization
servers for a RADIUS scheme.
Use
the
authentication/authorization server.
By default, no secondary RADIUS authentication/authorization server is specified.
You can configure up to 16 secondary RADIUS authentication/authorization servers for a RADIUS
scheme by executing this command repeatedly. After the configuration, if the primary server fails, the
switch looks for a secondary server in active state (a secondary RADIUS authentication/authorization
server configured earlier has a higher priority) and tries to communicate with it.
undo
secondary
authentication
command
to
66
remove
a
secondary
RADIUS
- Quick Links:
- Local User Configuration Commands
Hide quick links:
Advertisement
Table of Contents
