Configure the switch’s global radius parameters – HP 4100GL User Manual

Page 66

Advertising
background image

RADIUS Authentication and Accounting
Configuring the Switch for RADIUS Authentication

3. Configure the Switch’s Global RADIUS Parameters

You can configure the switch for the following global RADIUS parameters:

Number of login attempts:

In a given session, specifies how many

tries at entering the correct username and password pair are allowed
before access is denied and the session terminated. (This is a general
aaa authentication

parameter and is not specific to RADIUS.)

Global server key:

The server key the switch will use for contacts

with all RADIUS servers for which there is not a server-specific key
configured by radius-server host

< ip-address > key < key-string >.

This key is optional if you configure a server-specific key for each
RADIUS server entered in the switch. (Refer to “2. Configure the
Switch To Access a RADIUS Server” on page 3-10.)

Server timeout:

Defines the time period in seconds for authentica

-

tion attempts. If the timeout period expires before a response is
received, the attempt fails.

Server dead time:

Specifes the time in minutes during which the

switch avoids requesting authentication from a server that has not
responded to previous requests.

Retransmit attempts:

If the first attempt to contact a RADIUS

server fails, specifies how many retries you want the switch to attempt
on that server.

Syntax: aaa authentication num-attempts <1 .. 10 >

Specifies how many tries for entering the correct username
and password before shutting down the session due to input
errors. (Default: 3; Range: 1 - 10).

[no] radius-server

key < global-key-string >

Specifies the global encryption key the switch uses with
servers for which the switch does not have a server­
specific key assignment. This key is optional if all
RADIUS server addresses configured in the switch in­
clude a server-specific encryption key. (Default: Null.)

dead-time < 1 .. 1440 >

Optional. Specifies the time in minutes during which
the switch will not attempt to use a RADIUS server that
has not responded to an earlier authentication attempt.
(Default: 0; Range: 1 - 1440 minutes)

3-12

Advertising
Popular Brands
Popular manuals