Configuring authentication-method lists for radius, Configuring authentication-method lists for, Radius – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 143: Setting the retransmission limit, Setting the timeout parameter
Brocade TurboIron 24X Series Configuration Guide
109
53-1003053-01
Configuring RADIUS security
Setting the retransmission limit
The retransmit parameter specifies the maximum number of retransmission attempts. When an
authentication request times out, the software will retransmit the request up to the maximum
number of retransmissions configured. The default retransmit value is 3 retries. The range of
retransmit values is from 1 – 5.
To set the RADIUS retransmit limit, enter a command such as the following.
TurboIron(config)#radius-server retransmit 5
Syntax: radius-server retransmit <number>
Setting the timeout parameter
The timeout parameter specifies how many seconds the device waits for a response from the
RADIUS server before either retrying the authentication request, or determining that the RADIUS
server is unavailable and moving on to the next authentication method in the
authentication-method list. The timeout can be from 1 – 15 seconds. The default is 3 seconds.
TurboIron(config)#radius-server timeout 5
Syntax: radius-server timeout <number>
Configuring authentication-method lists for RADIUS
You can use RADIUS to authenticate Telnet/SSH access and access to Privileged EXEC level and
CONFIG levels of the CLI. When configuring RADIUS authentication, you create
authentication-method lists specifically for these access methods, specifying RADIUS as the
primary authentication method.
Within the authentication-method list, RADIUS is specified as the primary authentication method
and up to six backup authentication methods are specified as alternates. If RADIUS authentication
fails due to an error, the device tries the backup authentication methods in the order they appear in
the list.
When you configure authentication-method lists for RADIUS, you must create a separate
authentication-method list for Telnet or SSH CLI access and for CLI access to the Privileged EXEC
level and CONFIG levels of the CLI.
To create an authentication-method list that specifies RADIUS as the primary authentication
method for securing Telnet access to the CLI.
TurboIron(config)#enable telnet authentication
TurboIron(config)#aaa authentication login default radius local
The commands above cause RADIUS to be the primary authentication method for securing Telnet
access to the CLI. If RADIUS authentication fails due to an error with the server, local authentication
is used instead.
To create an authentication-method list that specifies RADIUS as the primary authentication
method for securing access to Privileged EXEC level and CONFIG levels of the CLI.
TurboIron(config)#aaa authentication enable default radius local none