User`s manual

ManualsBrandsD-Link ManualsComputer equipmentDWL-8220AP - AirPremier Wireless Switch Dualband Access Point

321

322

323

324

325

326

327

328

329

330

321

DWS-1008 User’s Manual

D-Link Systems, Inc.

Conguring Communication with RADIUS

If a server does not respond before the last request attempt times out, MSS holds down further

requests to the server, for the duration of the dead time. For example, if you set the dead time

to 5 minutes, MSS stops sending requests to the unresponsive server for 5 minutes before

reattempting to use the server.

During the holddown, it is as if the dead RADIUS server does not exist. MSS skips over any

dead RADIUS servers to the next live server, or on to the next method if no more live servers

are available, depending on your conguration. For example, if a RADIUS server group is

the primary authentication method and local is the secondary method, MSS fails over to the

local method if all RADIUS servers in the server group are unresponsive and have entered

the dead time.

For failover authentication or authorization to work promptly, D-Link recommends that you

change the dead time to a value other than 0. With the default setting, the dead time is never

invoked and MSS does not hold down requests to unresponsive RADIUS servers. Instead,

MSS attempts to send each new authentication or authorization request to a server even if the

server is thought to be unresponsive. This behavior can cause authentication or authorization

failures on clients because MSS does not fail over to the local method soon enough and the

clients eventually time out.

Conguring Global RADIUS Defaults

You can change RADIUS values globally and set a global password (key) with the following

command. The key string is the shared secret that the switch uses to authenticate itself to

the RADIUS server.

set radius {deadtime minutes | key string | retransmit number | timeout seconds}

For example, the following commands set the dead-time timer to 10 minutes and set the

password to r8gney for all RADIUS servers in the conguration:

DWS-1008# set radius deadtime 10

success: change accepted.

DWS-1008# set radius key r8gney

success: change accepted.

To reset global RADIUS server settings to their factory defaults, use the following

command:

clear radius {deadtime | key | retransmit | timeout}

For example, the following command resets the dead-time timer to 0 minutes on all RADIUS

servers in the conguration:

DWS-1008# clear radius deadtime

success: change accepted.