Radius parameters, Setting the radius key, Setting the retransmission limit – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 70

Advertising
background image

50

Brocade ICX 6650 Security Configuration Guide

53-1002601-01

RADIUS security

RADIUS parameters

You can set the following parameters in a RADIUS configuration:

RADIUS key – This parameter specifies the value that the Brocade device sends to the RADIUS
server when trying to authenticate user access.

Retransmit interval – This parameter specifies how many times the Brocade device will resend
an authentication request when the RADIUS server does not respond. The retransmit value
can be from 1 – 5 times. The default is 3 times.

Timeout – This parameter specifies how many seconds the Brocade device waits for a
response from a RADIUS server before either retrying the authentication request, or
determining that the RADIUS servers are unavailable and moving on to the next authentication
method in the authentication-method list. The timeout can be from 1 – 15 seconds. The
default is 3 seconds.

Setting the RADIUS key

The key parameter in the radius-server command is used to encrypt RADIUS packets before they
are sent over the network. The value for the key parameter on the Brocade device should match the
one configured on the RADIUS server. The key can be from 1 – 32 characters in length and cannot
include any space characters.

To specify a RADIUS server key, enter a command such as the following.

Brocade(config)# radius-server key mirabeau

Syntax: radius-server key [0 | 1] string

When you display the configuration of the Brocade device, the RADIUS key is encrypted.

Example

Brocade(config)# radius-server key 1 abc
Brocade(config)# write terminal
...
radius-server host 10.2.3.5
radius key 1 $!2d

NOTE

Encryption of the RADIUS keys is done by default. The 0 parameter disables encryption. The 1
parameter is not required; it is provided for backwards compatibility.

Setting the retransmission limit

The retransmit parameter specifies the maximum number of retransmission attempts. When an
authentication request times out, the Brocade software will retransmit the request up to the
maximum number of retransmissions configured. The default retransmit value is 3 retries. The
range of retransmit values is from 1 – 5.

To set the RADIUS retransmit limit, enter a command such as the following.

Brocade(config)# radius-server retransmit 5

Syntax: radius-server retransmit number

Advertising
Popular Brands
Popular manuals