Specifying Different Servers For Individual Aaa Functions; Setting Radius Parameters - Dell PowerConnect B-RX Configuration Manual
Bigiron rx series configuration guide v02.7.02
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1458 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
4
Configuring RADIUS security
Specifying different servers for individual AAA functions
In a RADIUS configuration, you can designate a server to handle a specific AAA task. For example,
you can designate one RADIUS server to handle authorization and another RADIUS server to
handle accounting. You can specify individual servers for authentication and accounting, but not
for authorization. You can set the RADIUS key for each server.
To specify different RADIUS servers for authentication, authorization, and accounting.
BigIron RX(config)# radius-server host 1.2.3.4 authentication-only key abc
BigIron RX(config)# radius-server host 1.2.3.5 authorization-only key def
BigIron RX(config)# radius-server host 1.2.3.6 accounting-only key ghi
Syntax: radius-server host <ip-addr> | <server-name> [auth-port <number> acct-port <number>
The default parameter causes the server to be used for all AAA functions.
After authentication takes place, the server that performed the authentication is used for
authorization or accounting. If the authenticating server cannot perform the requested function,
then the next server in the configured list of servers is tried; this process repeats until a server that
can perform the requested function is found, or every server in the configured list has been tried.
Setting RADIUS parameters
You can set the following parameters in a RADIUS configuration:
•
•
•
Setting the RADIUS key
The key parameter in the radius-server command is used to encrypt RADIUS packets before they
are sent over the network. The value for the key parameter on the device should match the one
configured on the RADIUS server. The key can be from 1 – 32 characters in length and cannot
include any space characters.
Use the command to specify a RADIUS server key.
BigIron RX(config)# radius-server key mirabeau
Syntax: radius-server key [0 | 1] <string>
When you display the configuration of the BigIron RX, the RADIUS key is encrypted.
102
[authentication-only | authorization-only | accounting-only | default] [key <string>]]
RADIUS key – This parameter specifies the value that the device sends to the RADIUS server
when trying to authenticate user access.
Retransmit interval – This parameter specifies how many times the device will resend an
authentication request when the RADIUS server does not respond. The retransmit value can be
from 1 – 5 times. The default is 3 times.
Timeout – This parameter specifies how many seconds the device waits for a response from a
RADIUS server before either retrying the authentication request, or determining that the
RADIUS servers are unavailable and moving on to the next authentication method in the
authentication-method list. The timeout can be from 1 – 15 seconds. The default is 3 seconds.
BigIron RX Series Configuration Guide
53-1001810-01
Advertisement
Table of Contents
