Setting radius parameters, Global radius configuration, Setting the poll time and dead time intervals – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 77

Advertising
background image

Multi-Service IronWare Security Configuration Guide

59

53-1003035-02

Configuring RADIUS security

1

Global radius configuration

The following global configurations are for all radius servers, and can be used to configure defaults.
If the individual radius servers are configured, the instance value takes precedence.

Health-check is disabled by default. Use the following command to globally enable health-check.

Brocade(config)# radius-server enable-health-check

Syntax: [no] radius-server enable-health-check

Use the no version of the command to globally disable health-check.

Setting the poll time and dead time intervals

The poll interval sets how often the status-server packets are sent. The status-server packets are
sent every 15minutes. The minimum that can be configured is 1 and maximum is 96. This
translates to one status check for every 15m to one per day (4*24)

The dead time interval is the period for which we wait after declared dead or not reachable and
before sending the status-server packet again. By default, it waits for 45m when server is declared
dead, before sending again health checks. For example, you can configure one status check for
every 15minutes to one per week(4*24*7). Use a command such as the following to enable the
radius health check pool time interval and dead time inter

Brocade(config)# radius-health-check poll-time 5 dead-time 4

Syntax: [no] radius-health-check poll-time p-count dead-time d-count

The p-count parameter specifies when the Status-Server packets are sent. The minimum that could
be configured is 1 and max would be 96. The default value is 2.

The d-count parameter specifies the amount of time it waits after declared dead or not reachable
and before sending the status-server packet again. The minimum that could be configured would
be 1 and maximumis672. The default value is 3.

Setting RADIUS parameters

You can set the following parameters in a RADIUS configuration:

RADIUS key – This parameter specifies the value that the Brocade device sends to the RADIUS
server when trying to authenticate user access.

Retransmit interval – This parameter specifies how many times the Brocade device will resend
an authentication request when the RADIUS server does not respond. The retransmit value
can be from 1 – 5 times. The default is 3 times.

Timeout – This parameter specifies how many seconds the Brocade device waits for a
response from a RADIUS server before either retrying the authentication request, or
determining that the RADIUS servers are unavailable and moving on to the next authentication
method in the authentication-method list. The timeout can be from 1 – 15 seconds. The
default is 3 seconds.

Advertising
Popular Brands
Popular manuals