Configuring radius accounting servers – H3C Technologies H3C WX3000 Series Unified Switches User Manual
Page 262
25-10
A RADIUS scheme can be referenced by multiple ISP domains simultaneously.
Configuring RADIUS Authentication/Authorization Servers
Follow these steps to configure RADIUS authentication/authorization servers:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme named
"system" has already been created in the
system.
Set the IP address and port
number of the primary RADIUS
authentication/authorization server
primary authentication
ip-address
[ port-number ]
Required
By default, the IP address and UDP port
number of the primary server are 0.0.0.0
and 1812 respectively for a newly created
RADIUS scheme.
Set the IP address and port
number of the secondary RADIUS
authentication/authorization server
secondary
authentication
ip-address
[ port-number ]
Optional
By default, the IP address and UDP port
number of the secondary server are
0.0.0.0 and 1812 respectively for a newly
created RADIUS scheme.
z
The authentication response sent from the RADIUS server to the RADIUS client carries
authorization information. Therefore, you need not (and cannot) specify a separate RADIUS
authorization server.
z
In an actual network environment, you can specify one server as both the primary and secondary
authentication/authorization servers, as well as specifying two RADIUS servers as the primary and
secondary authentication/authorization servers respectively.
z
The IP address and port number of the primary authentication server used by the default RADIUS
scheme "system" are 127.0.0.1 and 1645.
Configuring RADIUS Accounting Servers
Follow these steps to configure RADIUS accounting servers:
To do…
Use the command…
Remarks
Enter system view
system-view
—