State Primary - HP FlexNetwork MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
•
RADIUS server reachable notification—The RADIUS server can be reached. RADIUS
generates this notification for a previously blocked RADIUS server after the quiet timer expires.
•
Excessive authentication failures notification—RADIUS generates this notification when
the number of authentication failures to the total number of authentication attempts exceeds the
specified threshold.
Examples
# Enable the SNMP agent to send RADIUS accounting server unreachable notifications.
<Sysname> system-view
[Sysname] snmp-agent trap enable radius accounting-server-down
state primary
Use state primary to set the status of a primary RADIUS server.
Syntax
state primary { accounting | authentication } { active | block }
Default
A primary RADIUS server is in active state.
Views
RADIUS scheme view
Predefined user roles
network-admin
Parameters
accounting: Specifies the primary RADIUS accounting server.
authentication: Specifies the primary RADIUS authentication server.
active: Specifies the active state, the normal operation state.
block: Specifies the blocked state, the out-of-service state.
Usage guidelines
During an authentication or accounting process, the device first tries to communicate with the
primary server if the primary server is in active state. If the primary server is unavailable, the device
performs the following operations:
•
Changes the status of the primary server to blocked.
•
Starts a quiet timer for the server.
•
Tries to communicate with a secondary server in active state.
When the quiet timer of the primary server times out, the status of the server automatically changes
to active. If you set the server status to blocked before the quiet timer times out, the server status
cannot change back to active unless you manually set the status to active.
When the primary server and all secondary servers are in blocked state, the device tries to
communicate with the primary server.
This command can affect the RADIUS server status detection feature when a valid test profile is
specified for a primary RADIUS authentication server.
•
If you set the status of the server to blocked, the device stops detecting the status of the server.
•
If you set the status of the server to active, the device starts to detect the status of the server.
109
Advertisement
