Manually Monitoring Radius Servers Or Groups; Verifying The Radius Configuration - Cisco Nexus 9000 Series Configuration Manual

Manually Monitoring RADIUS Servers or Groups

1. Enable RSA SecurID token server authentication.
2. Add the RSA SecurID token server to the Unknown User Policy database.
Manually Monitoring RADIUS Servers or Groups
You can manually issue a test message to a RADIUS server or to a server group.
SUMMARY STEPS
1. test aaa server radius {ipv4-address | ipv6-address | hostname} [vrf vrf-name] username password
2. test aaa group group-name username password
DETAILED STEPS
Command or Action
Step 1 test aaa server radius {ipv4-address | ipv6-address |
hostname} [vrf vrf-name] username password
Example:
switch# test aaa server radius 10.10.1.1 user1
Ur2Gd2BH
Step 2 test aaa group group-name username password
Example:
switch# test aaa group RadGroup user2 As3He3CI

Verifying the RADIUS Configuration

To display RADIUS configuration information, perform one of the following tasks:
Command
show radius {status | pending | pending-diff}
show running-config radius [all]
show startup-config radius
show radius-server [hostname | ipv4-address |
ipv6-address] [directed-request | groups | sorted
| statistics]
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
62
Purpose
Sends a test message to a RADIUS server to confirm
availability.
Sends a test message to a RADIUS server group to confirm
availability.
Purpose
Displays the RADIUS Cisco Fabric Services distribution
status and other details.
Displays the RADIUS configuration in the running
configuration.
Displays the RADIUS configuration in the startup
configuration.
Displays all configured RADIUS server parameters.
Configuring RADIUS