It is recommended to specify only the primary RADIUS authentication/authorization server if
backup is not required.
If both the primary and secondary authentication/authorization servers are specified, the
secondary one is used when the primary one is unreachable.
In practice, you may specify two RADIUS servers as the primary and secondary
authentication/authorization servers respectively. At one time, a server can be the primary
authentication/authorization server for a scheme and the secondary authentication/authorization
servers for another scheme.
The IP addresses of the primary and secondary authentication/authorization servers for a scheme
cannot be the same. Otherwise, the configuration fails.
All servers for authentication/authorization and accountings, primary or secondary, must use IP
addresses of the same IP version.
Specifying the RADIUS Accounting Servers and Relevant Parameters
Follow these steps to specify the RADIUS accounting servers and perform related configurations:
To do...
Enter system view
Enter RADIUS scheme view
Specify the primary RADIUS
accounting server
Specify the secondary RADIUS
accounting server
Enable the device to buffer
stop-accounting requests
getting no responses
Set the maximum number of
stop-accounting request
transmission attempts
Set the maximum number of
accounting request
transmission attempts
Use the command...
system-view
radius scheme
radius-scheme-name
primary accounting
{ ip-address | ipv6
ipv6-address } [ port-number ]
secondary accounting
{ ip-address | ipv6
ipv6-address } [ port-number ]
stop-accounting-buffer
enable
retry stop-accounting
retry-times
retry realtime-accounting
retry-times
1-26
Remarks
—
—
Required
Configure at least one of the
commands
No accounting server by default
Optional
Enabled by default
Optional
500 by default
Optional
5 by default