Radius Session-Control Client - H3C MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
[Sysname] radius scheme radius1
[Sysname-radius-radius1]
Related commands
display radius scheme
radius session-control client
Use radius session-control client to specify a RADIUS session-control client.
Use undo radius session-control client to remove the specified RADIUS session-control clients.
Syntax
radius session-control client { ip ipv4-address | ipv6 ipv6-address } [ key { cipher | simple } string
| vpn-instance vpn-instance-name ] *
undo radius session-control client { all | { ip ipv4-address | ipv6 ipv6-address } [ vpn-instance
vpn-instance-name ] }
Default
No RADIUS session-control clients are specified. The device searches all RADIUS scheme settings
to verify session-control packets.
Views
System view
Predefined user roles
network-admin
Parameters
ip ipv4-address: Specifies a session-control client by its IPv4 address.
ipv6 ipv6-address: Specifies a session-control client by its IPv6 address.
key: Specifies the shared key for secure communication with the session-control client.
cipher: Specifies the key in encrypted form.
simple: Specifies the key in plaintext form. For security purposes, the key specified in plaintext form
will be stored in encrypted form.
string: Specifies the key. This argument is case sensitive.
•
In non-FIPS mode, the encrypted form of the key is a string of 1 to 117 characters. The plaintext
form of the key is a string of 1 to 64 characters.
•
In FIPS mode, the encrypted form of the key is a string of 15 to 117 characters. The plaintext
form of the key is a string of 15 to 64 characters. The plaintext string must contain digits,
uppercase letters, lowercase letters, and special characters.
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance to which the RADIUS
session-control client belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31
characters. If the client is on the public network, do not specify this option.
all: Specifies all session-control clients.
Usage guidelines
This command takes effect only when the RADIUS session-control feature is enabled.
Specify a RADIUS server that runs on IMC as a session-control client on the device to verify the
session-control packets sent from the RADIUS server. The device matches the received packets to
the session-control client based on IP and VPN instance settings, and then uses the client shared
key to validate the packets.
105
Advertisement
Table of Contents
