3com 3031 Instruccion De Instalación
![3com](https://files.manualsbrain.com/attachments/960452ff43b9899cbcffced60c87abf956e7967a/common/fit/150/50/f6ac125d7af2cf40fec58935fa6d4bf71457a57efe50bee91208a434f325/brand_logo.jpeg)
792
C
HAPTER
57: AAA
AND
RADIUS C
ONFIGURATION
Configuring user specified RADUIS authentication server
While this command is configured, user can use the specified RADIUS
authentication server. The user name should be in “userid@server” format, in
which the userid is the user name and server is the IP address of RADIUS
authentication server.
authentication server. The user name should be in “userid@server” format, in
which the userid is the user name and server is the IP address of RADIUS
authentication server.
This function should be used along with the authentication and accounting
schemes on the interface. It is useful only when the first methods configured in
authentication and accounting schemes are
schemes on the interface. It is useful only when the first methods configured in
authentication and accounting schemes are
radius
or
radius-server template
.
When making authentication and accounting on a user, the system will first try to
use the RADIUS server appointed by the user and then some other RADIUS server
in case the appointed server fails to provide services.
use the RADIUS server appointed by the user and then some other RADIUS server
in case the appointed server fails to provide services.
Executing the
undo radius appoint-authentication
command will disable the
users to appoint RADIUS servers.
Perform the following configuration in System View or RADIUS template view.
restricted
represents that only specified RADIUS server can perform the
authentication. After this operation is configured, user request will be denied
while the specified RADIUS server does not exist or fails.
while the specified RADIUS server does not exist or fails.
Configuring Shared Key of RADIUS Server
The shared secret is used to encrypt user password and generate Response
Authentication key.
Authentication key.
Perform the following configuration in System View or radius template view.
The configured shared-key must be the same key set on the RADIUS server.
Configuring Response Timeout of RADIUS Server
For the packet sent by RADIUS client, if response is required from the RADIUS
server, a timeout timer can be set. Then the packet will be retransmitted after the
timer expires.
server, a timeout timer can be set. Then the packet will be retransmitted after the
timer expires.
Table 858 Configuring user specified RADIUS authentication server
Operation
Command
Configure user specified RADIUS
authentication server for PPP user
authentication server for PPP user
radius appoint-authentication [
restricted ]
Disable configuration for PPP user RADIUS
authentication server specified by the user
authentication server specified by the user
undo radius appoint-authentication
[ restricted ]
Table 859 Configuring RADIUS shared secret
Operation
Command
Configure RADIUS server shared secret
radius shared-key string
Delete RADIUS server shared secret
undo radius shared-key