2 radius-server host – Fortinet MR1 User Manual

215

no - This command is used to set the RADIUS accounting function to the default value - that is, the
RADIUS accounting function is disabled.

Default Setting

Disabled

Command Mode

Global Config

5.8.4.2 radius-server host

This command is used to configure the RADIUS authentication and accounting server.
If the 'auth' token is used, the command configures the IP address to use to connect to a
RADIUS authentication server. Up to 3 servers can be configured per RADIUS client. If the
maximum number of configured servers is reached, the command will fail until one of the
servers is removed by executing the no form of the command. If the optional <port>
parameter is used, the command will configure the UDP port number to use to connect to the
configured RADIUS server. In order to configure the UDP port number, the IP address must
match that of a previously configured RADIUS authentication server. The port number must
lie between 1 - 65535, with 1812 being the default value.

If the 'acct' token is used, the command configures the IP address to use for the RADIUS
accounting server. Only a single accounting server can be configured. If an accounting
server is currently configured, it must be removed from the configuration using the no form of
the command before this command succeeds. If the optional <port> parameter is used, the
command will configure the UDP port to use to connect to the RADIUS accounting server.
The IP address specified must match that of a previously configured accounting server. If a
port is already configured for the accounting server then the new port will replace the
previously configured value. The port must be a value in the range 1 - 65535, with 1813 being
the default value.

Syntax

radius-server host {acct | auth} <ipaddr> [port]

no radius-server host {acct | auth} <ipaddr>

<ipaddr> - is a IP address.

[port] - Port number (Range: 1 – 65535)

no - This command is used to remove the configured RADIUS authentication server or the RADIUS
accounting server. If the 'auth' token is used, the previously configured RADIUS authentication server is
removed from the configuration. Similarly, if the 'acct' token is used, the previously configured RADIUS
accounting server is removed from the configuration. The <ipaddr> parameter must match the IP
address of the previously configured RADIUS authentication / accounting server.