3com 8807 Reference Guide
340
C
HAPTER
21: AAA
AND
RADIUS/HWTACACS P
ROTOCOL
C
ONFIGURATION
C
OMMANDS
Parameter
None
Description
Use the radius client enable command to enable the port 1812. You must use
this command to enable ports before using RADIUS authentication.
this command to enable ports before using RADIUS authentication.
Use the undo radius client to disable the port 1812. You can use this command
to disable ports when you do not use RADIUS authentication. The system does not
receive (or respond to) UDP packets whose destination port is the port 1812 after
the port 1812 is disabled.
to disable ports when you do not use RADIUS authentication. The system does not
receive (or respond to) UDP packets whose destination port is the port 1812 after
the port 1812 is disabled.
The port 1812 is disabled by default.
Currently the RADIUS service of the system adopts the port 1812 as the source
port in authentication and accounting packets, so the system cannot receive
RADIUS response packets any more if the port 1812 is disabled. Thus, RADIUS
service is disabled.
port in authentication and accounting packets, so the system cannot receive
RADIUS response packets any more if the port 1812 is disabled. Thus, RADIUS
service is disabled.
Example
# Enable the port 1812.
<SW8800> system-view
[SW8800] radius client enable
radius nas-ip
Syntax
radius nas-ip ip-address [ vpn-instance vpn-instance-name ]
undo radius nas-ip [ vpn-instance vpn-instance-name ]
View
System view
Parameter
ip-address: Source IP address expressed in the format of dotted decimal notation.
It must be a legal unicast address.
It must be a legal unicast address.
vpn-instance-name: The name of VPN instances, which is a string ranging of 1 to
19 characters.
19 characters.
Description
Use the radius nas-ip command to configure the nas-ip of the global public
network. Only one public network nas-ip can be configured globally. Use the
radius nas-ip ip-address vpn-instance command to configure the nas-ip of the
global private network. Only one nas-ip can be configured for each private
network and a maximum of 16 private networks can be configured.
network. Only one public network nas-ip can be configured globally. Use the
radius nas-ip ip-address vpn-instance command to configure the nas-ip of the
global private network. Only one nas-ip can be configured for each private
network and a maximum of 16 private networks can be configured.
Use the undo radius nas-ip command to cancel the nas-ip configuration for
global public network. Use the undo radius nas-ip vpn-instance command to
cancel the nas-ip configuration for a private network.
global public network. Use the undo radius nas-ip vpn-instance command to
cancel the nas-ip configuration for a private network.
Related command: display radius nas-ip.