3com 3031 Instruccion De Instalación

C

HAPTER

 57: AAA 

AND

 RADIUS C

ONFIGURATION

While this command is configured, user can use the specified RADIUS 
authentication server. The user name should be in “userid@server” format, in 
which the userid is the user name and server is the IP address of RADIUS 
authentication server.

This function should be used along with the authentication and accounting 
schemes on the interface. It is useful only when the first methods configured in 
authentication and accounting schemes are 

 or 

. 

When making authentication and accounting on a user, the system will first try to 
use the RADIUS server appointed by the user and then some other RADIUS server 
in case the appointed server fails to provide services.

Executing the 

undo radius appoint-authentication

 command will disable the 

users to appoint RADIUS servers.

Perform the following configuration in System View or RADIUS template view.

 represents that only specified RADIUS server can perform the 

authentication. After this operation is configured, user request will be denied 
while the specified RADIUS server does not exist or fails.

The shared secret is used to encrypt user password and generate Response 
Authentication key.

Perform the following configuration in System View or radius template view.

The configured shared-key must be the same key set on the RADIUS server.

For the packet sent by RADIUS client, if response is required from the RADIUS 
server, a timeout timer can be set. Then the packet will be retransmitted after the 
timer expires.

Table 858   Configuring user specified RADIUS authentication server

Configure user specified RADIUS 
authentication server for PPP user

Disable configuration for PPP user RADIUS 
authentication server specified by the user

Table 859   Configuring RADIUS shared secret

Configure RADIUS server shared secret

Delete RADIUS server shared secret