Reference Guide

ManualsBrandsDell ManualsserversDell Force10 S55T

601

602

603

604

605

606

607

608

609

610

Security | 609

The following list includes the configuration tasks for RADIUS.

• Define a aaa method list to be used for RADIUS (mandatory)

• Apply the method list to terminal lines (mandatory except when using default lists)

• Specify a RADIUS server host (mandatory)

• Set global communication parameters for all RADIUS server hosts (optional)

• Monitor RADIUS (optional)

For a complete listing of all FTOS commands related to RADIUS, refer to the Security chapter in the

FTOS Command Reference.

To view the configuration, use the

show config in the LINE mode or the show running-config command in

the EXEC Privilege mode.

Define a AAA method list to be used for RADIUS

To configure RADIUS to authenticate or authorize users on the system, you must create a AAA method

list. Default method lists do not need to be explicitly applied to the line, so they are not mandatory. To

create a method list, enter one of the following commands in CONFIGURATION mode:

Apply the method list to terminal lines

To enable RADIUS AAA login authentication for a method list, you must apply it to a terminal line. To

configure a terminal line for RADIUS authentication and authorization, enter the following commands:

Note: RADIUS authentication and authorization are done in a single step. Hence, authorization cannot be

used independent of authentication. However, if RADIUS authorization is configured and authentication is

not, then a message is logged stating this. During authorization, the next method in the list (if present) is

used, or if another method is not present, an error is reported.

Command Syntax Command Mode Purpose

aaa authentication login

method-list-name radius

CONFIGURATION Enter a text string (up to 16 characters long) as the name

of the method list you wish to use with the RADIUS

authentication method.

aaa authorization exec

{method-list-name | default} radius

tacacs+

CONFIGURATION Create methodlist with RADIUS and TACACS+ as

authorization methods. Typical order of methods:

RADIUS, TACACS+, Local, None. If authorization is

denied by RADIUS, the session ends (

radius should not

be the last method specified).

Command Syntax Command Mode Purpose

line {aux 0 | console 0 | vty number

[

end-number]}

CONFIGURATION Enter the LINE mode.