Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

Configuring Authentication

April 15, 2011 Page 27 of 36

Procedure 14describesauthenticationserverconfiguration.

Configuring RADIUS Accounting

TherearefouraspectstoconfiguringRADIUSaccounting:

• StateenablesordisablesRADIUSaccounting

• Updatevaluesallowthespecificationofthelengthoftheperiodbeforeaccountingupdates

startandtheintervalbetweenupdates

• Establishmen tvaluesconfigureatimersettingthelengthoftimebeforeretries,aswellasthe

numberofretries,beforetheswitchdeterminestheRADIUSaccountingserverisdownand

attemptstoestablishwiththenextserverinitslist.

• ServeridentificationprovidesfortheconfigurationoftheRADIUSaccountingserverIP

addressandindexvalue.Theindexdeterminestheorderinwhichtheswitchwillattempt

to

establishwithanaccountingserver.AftersettingtheindexandIPaddressyouareprompted

toenterasecretvalueforthisaccountingserver.

FirmwaresupportstheconfigurationofmultipleRADIUSaccountingservers.Thelowestindex

valueassociatedwiththeserverdeterminestheprimaryserver.Iftheprimaryserver

isdown,the

operationalserverwiththenextlowestindexvalueisused.Iftheswitchfailstoestablishcontact

withtheprimaryserverbeforeaconfiguredtimeout,theswitchwillretryfortheconfigured

numberoftimes.

Procedure 14 Authentication Server Configuration

Step Task Command(s)

1. Configure the index value, IP address, and

secret value for this authentication server.

set radius server index ip-address

[secret-value]

2. Optionally set the number of seconds the switch

will wait before retrying authentication server

establishment.

set radius timeout timeout

3. Optionally set the number of retries that will

occur before the switch declares an

authentication server down.

set radius retries retries

4. Optionally set the authentication server

configuration scope to management access,

network access, or both for all or the specified

authentication server.

set radius realm {management-access |

network-access | any} {as-index | all}

5. Globally enable or disable RADIUS on the

switch.

set radius {enable | disable}

6. Reset the specified RADIUS setting to its default

value.

clear radius {[state] [retries] [timeout]

[server [index | all] [realm {index | all}]

7. Display the current RADIUS authentication

server settings.

show radius [state | retries | authtype |

timeout | server [index | all]]