Table of Contents
Advertisement
Managing Authentication Servers
-> aaa radius-server rad1 key mozart
If you are modifying the server and have just entered the aaa radius-server command to create or modify
the server, you can use command prefix recognition. For example:
-> aaa radius-server rad1 retransmit 5
-> timeout 5
For information about server defaults, see
To remove a RADIUS server, use the no form of the command:
-> no aaa radius-server rad1
Note that only one server can be deleted at a time.
Radius over TLS
Radius over Transport Layer Security (TLS) provides secured communication between RADIUS and TCP
peers using TLS. RADIUS uses MD5 algorithm for secured communication, implementation of TLS
further reduces the risk of attack on MD5 encrypted RADIUS packets. There by all RADIUS requests and
RADIUS responses are encrypted and transferred between OmniSwitch and RADIUS server.
Configuring TLS for RADIUS Server
To configure TLS for RADIUS server, Secure Sockets Layer (SSL) must be enable for RADIUS server.
To enable SSL use the
-> aaa radius-server radsrv1 host rad1_ipaddr key rad1_secret vrf-name rad_vrf
ssl
To verify the status of SSL for RADIUS server, use the
enabled is TRUE, then the TLS is enabled for the RADIUS server.
Note. The supported TLS versions are TLSv1.1 and TLSv1.2.
OmniSwitch AOS Release 8 Network Configuration Guide
"Server Defaults" on page
aaa radius-server
CLI command.
31-2.
show aaa server
CLI command. If the SSL
December 2017
RADIUS Servers
page 31-12
- Quick Links:
- Ethernet Port Defaults
Hide quick links:
Advertisement
Table of Contents
