Identifying The Radius Server To The Bigiron Rx; Specifying Different Servers For Individual Aaa Functions; Setting Radius Parameters - Dell PowerConnect B-RX Configuration Manual
Bigiron rx series configuration guide v02.8.00
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1436 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
4
Configuring RADIUS security
Identifying the RADIUS server to the BigIron RX
To use a RADIUS server to authenticate access to a BigIron RX, you must identify the server to the
BigIron RX.
BigIron RX(config)# radius-server host 209.157.22.99
Syntax: radius-server host <ip-addr> | <server-name> [auth-port <number> acct-port <number>]
The host <ip-addr>| ipv6 <ipv6-addr> | <server-name> parameter is either an IP address or an
ASCII text string.
The <auth-port> parameter is the Authentication port number; it is an optional parameter. The
default is 1812.
The <acct-port> parameter is the Accounting port number; it is an optional parameter. The default
is 1813.
Specifying different servers for individual AAA functions
In a RADIUS configuration, you can designate a server to handle a specific AAA task. For example,
you can designate one RADIUS server to handle authorization and another RADIUS server to
handle accounting. You can specify individual servers for authentication and accounting, but not
for authorization. You can set the RADIUS key for each server.
To specify different RADIUS servers for authentication, authorization, and accounting.
BigIron RX(config)# radius-server host 1.2.3.4 authentication-only key abc
BigIron RX(config)# radius-server host 1.2.3.5 authorization-only key def
BigIron RX(config)# radius-server host 1.2.3.6 accounting-only key ghi
Syntax: radius-server host <ip-addr> | <server-name> [auth-port <number> acct-port <number>
The default parameter causes the server to be used for all AAA functions.
After authentication takes place, the server that performed the authentication is used for
authorization or accounting. If the authenticating server cannot perform the requested function,
then the next server in the configured list of servers is tried; this process repeats until a server that
can perform the requested function is found, or every server in the configured list has been tried.
Setting RADIUS parameters
You can set the following parameters in a RADIUS configuration:
•
•
•
104
[authentication-only | authorization-only | accounting-only | default] [key <string>]]
RADIUS key – This parameter specifies the value that the BigIron RX sends to the RADIUS
server when trying to authenticate user access.
Retransmit interval – This parameter specifies how many times the BigIron RX will resend an
authentication request when the RADIUS server does not respond. The retransmit value can be
from 1 – 5 times. The default is 3 times.
Timeout – This parameter specifies how many seconds the BigIron RX waits for a response
from a RADIUS server before either retrying the authentication request, or determining that the
RADIUS servers are unavailable and moving on to the next authentication method in the
authentication-method list. The timeout can be from 1 – 15 seconds. The default is 3 seconds.
BigIron RX Series Configuration Guide
53-1002253-01
Advertisement
Table of Contents
