Creating/Deleting A Radius Scheme; Configuring Radius Authentication/Authorization Servers - 3Com 5500-SI Configuration Manual

Creating/Deleting a
RADIUS Scheme
Configuring RADIUS
Authentication/
Authorization Servers
Among the above tasks, creating the RADIUS scheme and setting the IP address of
the RADIUS server are required, while other tasks are optional and can be performed
as per your requirements.
As mentioned above, RADIUS protocol configurations are performed on the per
RADIUS scheme basis. Therefore, before performing other RADIUS protocol
configurations, it is essential to create the RADIUS scheme and enter its view to set its
IP address.
You can use the following commands to create/delete a RADIUS scheme.
Perform the following configurations in System View.
Table 450 Creating/Deleting a RADIUS Server Group
Operation
Create a RADIUS scheme and enter its view
Delete a RADIUS scheme
Several ISP domains can use a RADIUS scheme at the same time. You can configure
up to 16 RADIUS schemes, including the default scheme named as
By default, the system has a RADIUS scheme named as
all default values. The default attribute values will be introduced in the following text.
After creating a RADIUS scheme, you have to set IP addresses and UDP port numbers
for the RADIUS servers, including primary/secondary authentication/authorization
servers and accounting servers. You can configure up to four groups of IP addresses
and UDP port numbers. However, as a minimum, you have to set one group of IP
address and UDP port number for each pair of primary/secondary servers to ensure
the normal AAA operation.
You can use the following commands to configure the IP address and port number for
RADIUS servers.
Perform the following configurations in RADIUS Scheme View.
Table 451 Configuring RADIUS Authentication/Authorization Servers
Operation
Set IP address and port number of primary
RADIUS authentication/authorization server.
Restore IP address and port number of primary
RADIUS authentication/authorization server to
the default values.
Set IP address and port number of secondary
RADIUS authentication/authorization server.
Restore IP address and port number of second
RADIUS authentication/authorization server to
the default values.
By default, as for the newly created RADIUS scheme, the IP address of the primary
authentication server is 0.0.0.0, and the UDP port number of this server is 1812; as
for the "system" RADIUS scheme created by the system, the IP address of the primary
authentication server is 127.0.0.1, and the UDP port number is 1645.
Dynamic VLAN Assignment 421
Command
radius scheme radius_scheme_name
undo radius scheme
radius_scheme_name
whose attributes are
system
Command
primary authentication ip_address
[ port_number ]
undo primary authentication
secondary authentication
ip_address [ port_number ]
undo secondary authentication
.
system