Operation Manual

ManualsBrandsTP-LINK ManualsComputersT1700X-16TS

611

612

613

614

615

616

617

618

619

620

Configuration Guide 592

Configuring Network Security AAA Configuration

Step 1 configure

Enter global configuration mode.

Step 2 radius-server host

ip-address

[ auth-port

port-id

] [ acct-port

port-id

] [ timeout

time

] [

retransmit

number

] [ key { [ 0 ]

string

| 7

encrypted-string

} ]

Add the RADIUS server and configure the related parameters as needed.

host

ip-address

Enter the IP address of the server running the RADIUS protocol.

auth-port

port-id

Specify the UDP destination port on the RADIUS server for authentication

requests. The default setting is 1812.

acct-port

port-id:

Specify the UDP destination port on the RADIUS server for accounting

requests. The default setting is 1813. Usually, it is used in the 802.1X feature.

timeout

time

Specify the time interval that the switch waits for the server to reply before

resending. The valid values are from 1 to 9 seconds and the default setting is 5 seconds.

retransmit

number

Specify the number of times a request is resent to the server if the

server does not respond. The valid values are from 1 to 3 and the default setting is 2.

key { [ 0 ]

string

| 7

encrypted-string

}: Specify the shared key. 0 and 7 represent the

encryption type. 0 indicates that an unencrypted key will follow. 7 indicates that a

symmetric encrypted key with a xed length will follow. By default, the encryption type is 0.

string

is the shared key for the switch and the server, which contains 31 characters at most.

encrypted-string

is a symmetric encrypted key with a xed length, which you can copy from

the conguration le of another switch. The key or encrypted-key you congure here will be

displayed in the encrypted form.

Step 3 show radius-server

Verify the configuration of RADIUS server.

Step 4 end

Return to privileged EXEC mode.

Step 5 copy running-config startup-config

Save the settings in the configuration file.

The following example shows how to add a RADIUS server on the switch. Set the IP address

of the server as 192.168.0.10, the authentication port as 1812, the shared key as 123456,

the timeout as 8 seconds and the retransmit number as 3.

Switch#configure

Switch(config)#radius-server host 192.168.0.10 auth-port 1812 timeout 8 retransmit 3

key 123456

Switch(config)#show radius-server

Server Ip Auth Port Acct Port Timeout Retransmit Shared key

192.168.0.10 1812 1813 8 3 123456

Switch(config)#end