H3C Technologies H3C S12500-X Series Switches User Manual

Page 37

Advertising
background image

25

Step Command

Remarks

3.

Specify RADIUS accounting
servers.

Specify the primary RADIUS
accounting server:

primary accounting { ipv4-address |

ipv6 ipv6-address } [ port-number |
key { cipher | simple } string |

vpn-instance vpn-instance-name ] *

Specify a secondary RADIUS

accounting server:

secondary accounting

{ ipv4-address | ipv6 ipv6-address }
[ port-number | key { cipher |

simple } string | vpn-instance

vpn-instance-name ] *

Configure at least one
command.
By default, no accounting
server is specified.
Two accounting servers in a
scheme, primary or

secondary, cannot have the
same combination of IP

address, port number, and

VPN.

4.

(Optional.) Set the maximum
number of real-time

accounting attempts.

retry realtime-accounting retry-times

The default setting is 5.

359B

Specifying the shared keys for secure RADIUS communication

The RADIUS client and server use the MD5 algorithm and shared keys to generate the Authenticator
value for packet authentication and user password encryption. They must use the same key for each type

of communication.
A key configured in this task is for all servers of the same type (accounting or authentication) in the

scheme, and has a lower priority than a key configured individually for a RADIUS server.
To specify a shared key for secure RADIUS communication:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter RADIUS scheme view.

radius scheme
radius-scheme-name

N/A

3.

Specify a shared key for

secure RADIUS
communication.

key { accounting | authentication }
{ cipher | simple } string

By default, no shared key is
specified.
The shared key configured on the
device must be the same as that

configured on the RADIUS server.

360B

Specifying a VPN for the scheme

The VPN specified for a RADIUS scheme applies to all authentication and accounting servers in that
scheme. If a VPN is also configured for an individual RADIUS server, the VPN specified for the RADIUS

scheme does not take effect on that server.
To specify a VPN for a scheme:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter RADIUS scheme view.

radius scheme radius-scheme-name

N/A

Advertising
This manual is related to the following products:

H3C S5560 Series Switches, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C S9800 Series Switches, H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals