Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

1391

Usage Information

To congure any number of RADIUS server hosts for each server host that is congured, use this command. Dell

Networking OS searches for the RADIUS hosts in the order they are congured in the software.

The global default values for the timeout, retransmit, and key optional parameters are applied, unless those

values are specied in the radius-server host or other commands. To return to the global default values, if

you congure the

timeout, retransmit, or key values, include those keywords when using the no radius-

server host command syntax.

You can use duplicate host names or IP addresses among RADIUS groups. However, you cannot use duplicate host

names or IP addresses within the same RADIUS group. If a VRF is not congured on the RADIUS group, then

servers congured in the group are considered to be on the default VRF. RADIUS servers that are congured in the

CONFIGURATION mode are also considered to be on the default VRF.

You must congure the RADIUS group explicitly with the aaa radius group command in order for the AAA

servers to use the group of RADIUS servers. The 802.1x servers use the group of RADIUS servers based on the

VRF where the 802.1x request is received. As a result, it is possible that both globally congured RADIUS servers as

well as the group-congured RADIUS servers (without VRF or default VRF) are used for processing the 802.1x

requests that are received at the default VRF. The order in which the RADIUS servers are tried depends on the

order in which the RADIUS servers are congured.

Example

Dell(config)#radius-server host 192.100.0.12

Force all logged-in users to re-authenticate (y/n)?

Dell(config)#no radius-server host 192.100.0.12

Force all logged-in users to re-authenticate (y/n)?

Related Commands

• login authentication — sets the database to be checked when a user logs in.

• radius-server key — sets an authentication key for RADIUS communications.

• radius-server retransmit — sets the number of times the RADIUS server attempts to send information.

• radius-server timeout — sets the time interval before the RADIUS server times out.

radius-server vrf

Create an association between a RADIUS server group and a VRF and source interface.

Syntax

radius-server vrf vrf-name [source-interface interface]

To delete the association between a RADIUS server group and a VRF and source interface, use the no radius-

server vrf vrf-name [source-interface interface] command.

Parameters

vrf vrf-name Enter the keyword vrf and then the name of the VRF to associate a RADIUS server

group with that VRF.

interface Enter the following keywords and slot/port or number information:

• For a 1-GigabitEthernet interface, enter the keyword GigabitEthernet then the

slot/port information.

• For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet then

the slot/port information.

•

For a Loopback interface, enter the keyword loopback then a number from 0 to

16383.

1394 Security