HP procurve 2500 Manuel D’Utilisation

    126

Configuring RADIUS Authentication and Accounting

Changing RADIUS-Server Access Order

The switch tries to access RADIUS servers according to the order in which their IP addresses are 
listed by the 

show radius command. Also, when you add a new server IP address, it is placed in the 

.

Adding or deleting a RADIUS server IP address leaves an empty position, but does not change the 
position of any other server addresses in the list. For example if you initially configure three server 
addresses, they are listed in the order in which you entered them. However, if you subsequently 
remove the second server address in the list and add a new server address, the new address will be 
placed second in the list.

Thus, to move a server address up in the list, you must delete it from the list, ensure that the position 
to which you want to move it is vacant,  and then re-enter it. For example, suppose you have already 
configured the following three RADIUS server IP addresses in the switch:

To exchange the positions of the addresses so that the server at 10.10.10.003 will be the first choice 
and the server at 10.10.10.001 will be the last, you would do the following:

1.

Delete 10.10.10.003 from the list. This opens the third (lowest) position in the list.

2.

Delete 10.10.10.001 from the list. This opens the first (highest) position in the list.

3.

Re-enter 10.10.10.003. Because the switch places a newly entered address in the highest-
available position, this address becomes first in the list.

4.

Re-enter 10.10.10.001. Because the only position open is the third position, this address becomes 
last in the list.

RADIUS server IP addresses listed in the order in 
which the switch will try to access them. In this 

case, the server at IP address 1.1.1.1 is first.

Note: If the switch successfully accesses the first 

server, it does not try to access any other servers 
in the list, even if the client is denied access by the 
first server.