Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipment5428 - SN Router
411412413414415416417418419420
12-236
Cisco SN 5428-2 Storage Router Software Configuration Guide
78-15471-01
Chapter 12 Command Line Interface Reference
radius-server host
Usage Guidelines AAA authentication services are used to provide the following authentication types:
iSCSI authenticationprovides authentication of IP hosts requiring access to storage via SCSI
routing instances
Login authenticationprovides authentication of users requiring Monitor mode access to the
storage router via the CLI
Enable authenticationprovides authentication of users requiring Administrator mode access to the
storage router via the CLI enable command
You can use multiple radius-server host commands to specify multiple RADIUS servers. AAA
authentication searches for servers in the order in which you specify them.
Use the aaa group server radius server command to add a RADIUS server to a server group. If you
delete a RADIUS server, delete the server from the RADIUS server using the
no aaa group server radius server command.
If no host-specific timeout, retransmit, or key values are specified, the global values apply to each
RADIUS server.
A retransmit value of zero (0) disables RADIUS request retransmission.
If you use spaces in the key, enclose the key in quotation marks.
Note Verification of IP addresses in a server group occurs only at runtime. If a RADIUS server group contains
an IP address that is not defined as a RADIUS server, the authentication process generates error
messages and the IP address is skipped. This could cause unexpected authentication failures.
Examples The following example identifies the server with IP address 10.5.0.53 as the RADIUS server and uses
the default port for authentication:
[SN5428-2A]# radius-server host 10.5.0.53
The following example identifies port 1612 as the destination port for authentication requests on the
RADIUS server 10.6.0.61:
[SN5428-2A]# radius-server host 10.6.0.61 auth-port 1612
The following example identifies the server with IP address 10.5.0.53 as the RADIUS server, uses ports
1612 as the authorization port, sets the timeout value to 6, sets the retransmit value to 5, and sets
rad123 as the encryption key, matching the key on the RADIUS server:
[SN5428-2A]# radius-server host 10.5.0.53 auth-port 1612 timeout 6 retransmit 5 key rad123