Cisco Nexus 5000 Series Switch CLI Software Configuration Guide (OL-16597-01, July 2009)

• roles—Lists all the roles to which the user belongs. The value field is a string that lists the role names

delimited by white space.

• accountinginfo—Stores accounting information in addition to the attributes covered by a standard

RADIUS accounting protocol. This attribute is sent only in the VSA portion of the Account-Request

frames from the RADIUS client on the switch. It can be used only with the accounting protocol data

units (PDUs).

Prerequisites for RADIUS

RADIUS has the following prerequisites:

• Obtain IPv4 or IPv6 addresses or host names for the RADIUS servers.

• Obtain preshared keys from the RADIUS servers.

• Ensure that the Cisco Nexus 5000 Series switch is configured as a RADIUS client of the AAA servers.

Guidelines and Limitations for RADIUS

RADIUS has the following guidelines and limitations:

• You can configure a maximum of 64 RADIUS servers on the Cisco Nexus 5000 Series switch.

Configuring RADIUS Servers

To configure RADIUS servers, perform this task:

Procedure

Step 1

Establish the RADIUS server connections to the Cisco Nexus 5000 Series switch.

Step 2

Configure the preshared secret keys for the RADIUS servers.

Step 3

If needed, configure RADIUS server groups with subsets of the RADIUS servers for AAA authentication

methods.

Step 4

If needed, configure any of the following optional parameters:

• Dead-time interval.

• Allow specification of a RADIUS server at login.

• Transmission retry count and timeout interval.

• Accounting and authentication attributes.

Step 5

If needed, configure periodic RADIUS server monitoring.

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide

244 OL-16597-01

Configuring RADIUS

Prerequisites for RADIUS