Hub/Switch Reference Guide

ManualsBrandsNortel Networks ManualsSwitch2300 Series

501

502

503

504

505

506

507

508

509

510

RADIUS and Server Groups Commands 501

Nortel WLAN—Security Switch 2300 Series Command Line Reference

Defaults

Default values are listed below:

• auth-port—UDP port 1812

• acct-port—UDP port 1813

• timeout—5 seconds

• retransmit—3 (the total number of attempts, including the first attempt)

• deadtime—0 (zero) minutes (The WSS does not designate unresponsive RADIUS servers as unavailable.)

• key—No key

• encrypted-key—No key

• author-password—nortel

Access

Enabled.

History

Usage

For a given RADIUS server, the first instance of this command must set both the server name and the

IP address and can include any or all of the other optional parameters. Subsequent instances of this command

can be used to set optional parameters for a given RADIUS server.

To configure the server as a remote authenticator for the WSS, you must add it to a server group with the set server

group command.

Do not use the same name for a RADIUS server and a RADIUS server group.

deadtime minutes Number of minutes the WSS waits after declaring an unresponsive

RADIUS server unavailable before retrying that RADIUS server.

Specify between 0 (zero) and 1440 minutes (24 hours). A zero value

causes the switch to identify unresponsive servers as available.

key string | encrypted-

key string

Password (shared secret key) the WSS uses to authenticate to RADIUS

servers. You must provide the same password that is defined on the

RADIUS server. The password can be 1 to 64 characters long, with no

spaces or tabs.

•Use the key option to enter the string in its unencrypted

form. WSS Software encrypts the displayed form of the

string in show config and show aaa output.

• To enter the string in its encrypted form instead, use the

encrypted-key option. WSS Software does not encrypt

the string you enter, and instead displays the string

exactly as you enter it.

author-password

password

Password used for authorization to a RADIUS server for MAC

authentication. The client’s MAC address is sent as the username and the

author-password string is sent as the password. Specify a password of

up to 64 alphanumeric characters with no spaces or tabs.

Version 4.1 encrypted-key option added