Manualshelf

Owner's Manual

ManualsBrandsNetgear ManualsHubsNetgear XCM8806
471472473474475476477478479480
478 | Chapter 17. Security
NETGEAR 8800 User Manual
management and another pair for network login, use the mgmt-access and netlogin
keywords.
Configuring the RADIUS Client Accounting Timeout Value
To configure the timeout if a server fails to respond, use the following command:
configure radius-accounting {mgmt-access | netlogin} timeout <seconds>
If the timeout expires, another authentication attempt is made. After three failed attempts to
authenticate, the alternate server is used.
Configuring the Shared Secret Password for RADIUS Accounting Servers
The shared secret is a password that is configured on each network device (RADIUS client)
and RADIUS accounting server. The shared secret is used to verify communication between
network devices and the server.
To configure the shared secret for client communications with RADIUS accounting servers,
use the following command:
configure radius-accounting {mgmt-access | netlogin} [primary | secondary]
shared-secret {encrypted} <string>
To configure the primary RADIUS accounting server, specify primary. To configure the
secondary RADIUS accounting server, specify
secondary.
If you do not specify the mgmt-access or netlogin keywords, the secret applies to both the
primary and secondary switch management and network login RADIUS accounting servers.
Do not use the encrypted keyword to set the shared secret. The encrypted keyword prevents
the display of the shared secret in the
show configuration command output.
Enabling and Disabling RADIUS Accounting
After you configure the RADIUS client with the RADIUS accounting server information, you
must enable accounting in the RADIUS client before the switch begins transmitting the
information. You must enable RADIUS authentication in the client for accounting information
to be generated. You can enable and disable accounting without affecting the current state of
RADIUS authentication.
To enable RADIUS accounting, use the following command:
enable radius-accounting {mgmt-access | netlogin}
To disable RADIUS accounting, use the following command:
disable radius-accounting {mgmt-access | netlogin}
If you do not specify a keyword, RADIUS accounting is enabled or disabled on the switch for
both management and network login.