Displaying radius configuration information – Brocade BigIron RX Series Configuration Guide User Manual

BigIron RX Series Configuration Guide

53-1002484-04

Configuring RADIUS security

If you specify a loopback interface as the single source for RADIUS packets, RADIUS servers
can receive the packets regardless of the states of individual links. Thus, if a link to the RADIUS
server becomes unavailable but the client or server can be reached through another link, the
client or server still receives the packets, and the packets still have the source IP address of
the loopback interface.

The software contains separate CLI commands for specifying the source interface for Telnet,
TACACS and TACACS+, and RADIUS packets. You can configure a source interface for one or more
of these packet types.

To specify an Ethernet, loopback, or virtual interface as the source for all RADIUS packets from
the device, use the following CLI method. The software uses the lowest-numbered IP address
configured on the port or interface as the source IP address for RADIUS packets originated by the
device.

To specify the lowest-numbered IP address configured on a virtual interface as the device’s source
for all RADIUS packets, enter commands such as the following.

BigIron RX(config)# interface ve 1
BigIron RX(config-vif-1)# ip address 10.0.0.3/24
BigIron RX(config-vif-1)# exit
BigIron RX(config)# ip radius source-interface ve 1

The commands in this example configure virtual interface 1, assign IP address 10.0.0.3/24 to the
interface, then designate the interface as the source for all RADIUS packets from the device.

Syntax: ip radius source-interface ethernet <portnum> | loopback <num> | ve <num>

The <num> parameter is a loopback interface or virtual interface number. If you specify an
Ethernet port, the <portnum> is the port’s number (including the slot number, if you are
configuring a device).

Displaying RADIUS configuration information

The show aaa command displays information about all TACACS, TACACS+, and RADIUS servers
identified on the device.

Syntax: show aaa

The following table describes the RADIUS information displayed by the show aaa command.

BigIron RX# show aaa
Tacacs+ key: brocade
Tacacs+ retries: 1
Tacacs+ timeout: 15 seconds
Tacacs+ dead-time: 3 minutes
Tacacs+ Server: 207.95.6.90 Port:49:
        opens=6 closes=3 timeouts=3 errors=0
        packets in=4 packets out=4
        no connection
Radius key: networks
Radius retries: 3
Radius timeout: 3 seconds
Radius dead-time: 3 minutes
Radius Server: 207.95.6.90 Auth Port=1645 Acct Port=1646:
        opens=2 closes=1 timeouts=1 errors=0
        packets in=1 packets out=4
        no connection
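
The show aaa output above includes the TACACS+ and RADIUS keys as readable text, so captured output should be masked before it is stored or shared. The following Python script is an added example, not part of the Brocade manual: it redacts the key lines and parses the per-server counters. The function names are hypothetical, and reading "packets in" as replies and "packets out" as requests is an assumption.

```python
import re

# Sample input: abridged copy of the `show aaa` output printed above.
SAMPLE = """\
Tacacs+ key: brocade
Tacacs+ Server: 207.95.6.90 Port:49:
opens=6 closes=3 timeouts=3 errors=0
packets in=4 packets out=4
no connection
Radius key: networks
Radius retries: 3
Radius Server: 207.95.6.90 Auth Port=1645 Acct Port=1646:
opens=2 closes=1 timeouts=1 errors=0
packets in=1 packets out=4
no connection
"""

KEY_RE = re.compile(r"^([ \t]*(?:Tacacs\+|Radius) key:).*$", re.M)
SERVER_RE = re.compile(r"^\s*(Tacacs\+|Radius) Server: (\S+)")
COUNTER_RE = re.compile(r"(opens|closes|timeouts|errors|packets in|packets out)=(\d+)")

def redact(text):
    """Mask the shared secrets so the output can be pasted into a ticket."""
    return KEY_RE.sub(r"\1 <redacted>", text)

def parse_servers(text):
    """Return one dict per server: protocol, address, counters, state line."""
    servers = []
    for line in text.splitlines():
        m = SERVER_RE.match(line)
        if m:
            servers.append({"proto": m.group(1), "addr": m.group(2),
                            "no_connection": False})
        elif servers:
            servers[-1].update((k, int(v)) for k, v in COUNTER_RE.findall(line))
            if line.strip() == "no connection":
                servers[-1]["no_connection"] = True
    return servers

def needs_attention(servers):
    """Assumed heuristic: any timeouts or errors, or fewer replies than requests."""
    return [s for s in servers
            if s.get("timeouts", 0) or s.get("errors", 0)
            or s.get("packets in", 0) < s.get("packets out", 0)]

if __name__ == "__main__":
    print(redact(SAMPLE))
    for s in needs_attention(parse_servers(SAMPLE)):
        print(s["proto"], s["addr"], "timeouts:", s["timeouts"])
```
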