User`s manual

ManualsBrandsD-Link ManualsComputer equipmentDWL-8220AP - AirPremier Wireless Switch Dualband Access Point

321

322

323

324

325

326

327

328

329

330

324

DWS-1008 User’s Manual

D-Link Systems, Inc.

Conguring Communication with RADIUS

Note: Any RADIUS servers that do not respond are marked dead (unavailable) for a period

of time. The unresponsive server is skipped over, as though it did not exist, during its dead

time. Once the dead time elapses, the server is again a candidate for receiving requests. To

change the default dead-time timer, use the set radius or set radius server command.

Ordering Server Groups

You can congure up to four methods for authentication, authorization, and accounting (AAA).

AAA methods can be the local database on the switch and/or one or more RADIUS server

groups. You set the order in which the switch attempts the AAA methods by the order in which

you enter the methods in CLI commands.

In most cases, if the rst method results in a pass or fail, the evaluation is nal. If the rst

method does not respond or results in an error, the switch tries the second method and so

on.

However, if the local database is the rst method in the list, followed by a RADIUS server

group, the switch responds to a failed search of the database by sending a request to the

following RADIUS server group. This exception is called local override.

Conguring Load Balancing

You can congure the switch to distribute authentication requests across RADIUS servers in

a server group, which is called load balancing. Distributing the authentication process across

multiple RADIUS servers signicantly reduces the load on individual servers while increasing

resiliency on a systemwide basis.

When you congure load balancing, the rst client’s RADIUS requests are directed to the rst

server in the group, the second client’s RADIUS requests are directed to the second server in

the group, and so on. When the last server in the group is reached, the cycle is repeated.

Note: MSS attempts to send accounting records to one RADIUS server, even if load balancing

is congured.

To congure load balancing, use the following command:

set server group group-name load-balance enable

For example, to congure RADIUS servers pelican and seagull as the server group

swampbirds with load balancing:

1. Congure the members of a server group by typing the following command:

DWS-1008# set server group swampbirds members pelican seagull

success: change accepted.

2. Enable load balancing by typing the following command:

DWS-1008# set server group swampbirds load-balance enable

success: change accepted.