3Com 8807 Configuration Manual page 249
8800 series
Hide thumbs
Also See for 8807:
- Command reference manual (1099 pages) ,
- Installation manual (104 pages) ,
- Product manual (15 pages)
Table of Contents
Advertisement
Setting the Port State of
the Local RADIUS Server
Setting the Maximum
Retry Times for RADIUS
Request Packets
Setting RADIUS Server
Response Timeout Timer
Table 210 Configure the VPN of the RADIUS Server
Operation
Restore the VPN attribute of RADIUS Server to the default value
The RADIUS Server does not belong to any VPN by default.
The local RADIUS server uses the switch itself as the RADIUS server, with port 1645
as authentication port and port 1646 as accounting port. The two ports are
enabled in the initial state, without any corresponding command lines to
enable/disable them. Considering the policy of maximum security, certain
measures are taken to control the ports to eliminate potential security troubles.
Perform the following configuration in system view.
Table 211 Set the port state of the local RADIUS server
Operation
Enable the port of the local RADIUS server
Disable the port of the local RADIUS server
By default, the local RADIUS server is enabled, and port 1645 and port 1646 are
enabled.
Because RADIUS Protocol carries data through UDP packets, its communication
process is not reliable. If the RADIUS Server does not respond to the NAS within
the time specified by the response timeout timer, it is necessary for the NAS to
retry sending the RADIUS request packets to the RADIUS Server. If the number of
retry times exceeds maximum retry times while the RADIUS Server still does not
respond, the NAS will assume its communication with the current RADIUS Server
to have been cut off and will send request packets to another RADIUS Server.
Use the following commands to set the maximum retry times of sending RADIUS
request packets.
Perform the following configuration in RADIUS scheme view.
Table 212 Set the maximum retry times of sending RADIUS request packets
Operation
Set the maximum retry times of sending RADIUS request packets
Restore the maximum retry times of sending RADIUS request packets to
the default value
By default, the maximum retry times of sending RADIUS request packets is 3.
If the NAS fails to receive the response from RADIUS server a certain period of time
after it sends a RADIUS request packet (authentication/authorization request or
accounting request), it should retransmit the RADIUS request packet to ensure the
RADIUS service for the user.
You can use the following command to set the response timeout timer of the
RADIUS server.
Configuring RADIUS Protocol
Command
undo vpn-instance
Command
local-server enable
undo local-server
249
Command
retry retry-times
undo retry
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
