Netgear XCM8806 - 8800 SERIES 6-SLOT CHASSIS SWITCH ユーザーズマニュアル
Chapter 17. Security
|
477
NETGEAR 8800 User Manual
Enabling and Disabling the RADIUS Client Service
The RADIUS client service can be enabled or disabled without affecting the client
configuration. When the client service is disabled, the client does not communicate with the
RADIUS server, so authentication must take place through the another service such as the
local database or a TACACS+ server.
configuration. When the client service is disabled, the client does not communicate with the
RADIUS server, so authentication must take place through the another service such as the
local database or a TACACS+ server.
Note:
You cannot use RADIUS and TACACS+ at the same time.
To enable the RADIUS client service, use the following command:
enable radius {mgmt-access | netlogin}
To disable the RADIUS client service, use the following command:
disable radius {mgmt-access | netlogin}
If you do not specify the
mgmt-access
or
netlogin
keywords, RADIUS authentication is
enabled or disabled on the switch for both management and network login.
Configuring the RADIUS Client for Accounting
The following sections provide information on configuring the RADIUS client for RADIUS
accounting:
accounting:
Specifying the RADIUS Accounting Server Addresses
Before the RADIUS client software can communicate with a RADIUS accounting server, you
must specify the server address in the client software. You can specify up to two accounting
servers, and you can use either an IP address or a host name to identify each server.
must specify the server address in the client software. You can specify up to two accounting
servers, and you can use either an IP address or a host name to identify each server.
To specify RADIUS accounting servers, use the following command:
configure radius-accounting {mgmt-access | netlogin} [primary | secondary]
server [<ipaddress> | <hostname>] {<tcp_port>} client-ip [<ipaddress>] {vr
<vr_name>}
The default port value for accounting is 1813. The client IP address is the IP address used by
the RADIUS server for communicating back to the switch.
the RADIUS server for communicating back to the switch.
To configure the primary RADIUS accounting server, specify
primary
. To configure the
secondary RADIUS accounting server, specify
secondary
.
By default, switch management and network login use the same primary and secondary
RADIUS servers for accounting. To specify one pair of RADIUS accounting servers for switch
RADIUS servers for accounting. To specify one pair of RADIUS accounting servers for switch