Specifications
Security Configuration Command Set
Configuring RADIUS
SecureStack A2 Configuration Guide 10-7
Command Mode
Read-Write.
Command Defaults
If
secret-value is not specified, none will be applied.
If realm is not specified, the any-access realm will be used.
Examples
This example shows how to enable the RADIUS client for authenticating with the RADIUS server
at IP address 10.1.6.203, UDP authentication port 1812, and an authentication password of
“pwsecret.” As previously noted, the “server secret” password entered here must match that already
configured as the Read-Write (rw) password on the RADIUS server
:
This example shows how to set the RADIUS timeout to 5 seconds:
This example shows how to set RADIUS retries to 10:
realm
management-access
| any-access |
network-access
Realm allows you to define who has to go through the
RADIUS server for authentication.
• management-access: This means that anyone trying to
access the switch (Telnet, SSH, Local Management) has
to authenticate through the RADIUS server.
• network-access: This means that all the users have to
authenticate to a RADIUS server before they are allowed
access to the network.
• any-access: Means that both Management-access and
Network-access have been enabled.
NOTE: If the management-access or any-access realm
has been configured, the local “admin” account is disabled
for access to the switch using the console, Telnet, or Local
Management. Only the network-access realm allows
access to the local “admin” account.
A2(rw)->set radius server 1 10.1.6.203 1812 pwsecret
A2(rw)->set radius timeout 5
A2(rw)->set radius retries 10