Brocade Communications Systems Brocade ICX 6650 6650 Manual De Usuario
56
Brocade ICX 6650 Security Configuration Guide
53-1002601-01
RADIUS security
The privilege-level parameter can be one of the following:
•
0 – Records commands available at the Super User level (all commands)
•
4 – Records commands available at the Port Configuration level (port-config and read-only
commands)
commands)
•
5 – Records commands available at the Read Only level (read-only commands)
Configuring RADIUS accounting for system events
You can configure RADIUS accounting to record when system events occur on the Brocade device.
System events include rebooting and when changes to the active configuration are made.
System events include rebooting and when changes to the active configuration are made.
The following command causes an Accounting Start packet to be sent to the RADIUS accounting
server when a system event occurs, and a Accounting Stop packet to be sent when the system
event is completed.
server when a system event occurs, and a Accounting Stop packet to be sent when the system
event is completed.
Brocade(config)# aaa accounting system default start-stop radius
Syntax: aaa accounting system default start-stop radius | tacacs+ | none
Configuring an interface as the source for all
RADIUS packets
RADIUS packets
You can designate the lowest-numbered IP address configured an Ethernet port, loopback
interface, or virtual interface as the source IP address for all RADIUS packets from the Layer 3
switch. For configuration details, refer to Brocade ICX 6650 Layer 3 Routing Configuration Guide.
interface, or virtual interface as the source IP address for all RADIUS packets from the Layer 3
switch. For configuration details, refer to Brocade ICX 6650 Layer 3 Routing Configuration Guide.
Displaying RADIUS configuration information
The show aaa command displays information about all TACACS/TACACS+ and RADIUS servers
identified on the device.
identified on the device.
Example
The following table describes the RADIUS information displayed by the show aaa command.
Brocade# show aaa
Tacacs+ key: foundry
Tacacs+ retries: 1
Tacacs+ timeout: 15 seconds
Tacacs+ dead-time: 3 minutes
Tacacs+ Server: 10.95.6.90 Port:49:
opens=6 closes=3 timeouts=3 errors=0
packets in=4 packets out=4
no connection
Radius key: networks
Radius retries: 3
Radius timeout: 3 seconds
Radius dead-time: 3 minutes
Radius Server: 10.95.6.90 Auth Port=1645 Acct Port=1646:
opens=2 closes=1 timeouts=1 errors=0
packets in=1 packets out=4
no connection
Tacacs+ key: foundry
Tacacs+ retries: 1
Tacacs+ timeout: 15 seconds
Tacacs+ dead-time: 3 minutes
Tacacs+ Server: 10.95.6.90 Port:49:
opens=6 closes=3 timeouts=3 errors=0
packets in=4 packets out=4
no connection
Radius key: networks
Radius retries: 3
Radius timeout: 3 seconds
Radius dead-time: 3 minutes
Radius Server: 10.95.6.90 Auth Port=1645 Acct Port=1646:
opens=2 closes=1 timeouts=1 errors=0
packets in=1 packets out=4
no connection