What are radius server groups, How does the switch determine which, Radius server to contact – Dell POWEREDGE M1000E User Manual

Page 178

Advertising
background image

178

Controlling Management Access

enable

Auth-Type := Local,

User-Password == "pass5678"

Service-Type = Administrative-User

The values for the Service-Type attribute are as follows:

• NAS-Prompt-User indicates the user should be provided a command

prompt on the switch, which is acting as the Network Access Server (NAS),

from which nonprivileged commands can be executed.

• Administrative-User indicates the user should be granted access to

the administrative interface to the NAS, from which privileged commands

can be executed.

What are RADIUS Server Groups?

The RADIUS client on each PowerConnect M6220/M6348/M8024/M8024-k

switch supports multiple, named RADIUS servers. When one or more

configured authentication servers that share the same RADIUS server name,

they form a group.
Named groups can help provide redundancy. If you configure multiple

RADIUS servers with the same RADIUS Server Name, designate one server as

the primary and the other(s) as the backup server(s). The switch attempts to

use the primary server first, and if the primary server does not respond, the

switch attempts to use one of the backup servers with the same RADIUS

Server Name. A priority value can be configured to determine which backup

server to contact.

How Does the Switch Determine Which RADIUS Server to Contact?

If the primary server in the named group is unavailable, the switch marks the

backup server with the highest priority (or the first available RADIUS server

in the group, if all priorities are equal) as the

current

server. The switch

attempts to contact the primary server every five minutes, which is not a

configurable value, and if the primary RADIUS server is available, it will

resume its role as the current RADIUS server.
The RADIUS Dead Time is a configurable number of minutes the switch

should consider an unavailable RADIUS server as dead. The switch will not

attempt to contact the RADIUS server until the dead time has expired.

Advertising
Popular Brands
Popular manuals