3com S7906E 설치 설명서
1-31
Specifying the Source IP Address for RADIUS Packets to Be Sent
After you specify the source IP address for RADIUS packets to be sent, if the physical port for sending
the RADIUS packets fails, response packets from the RADIUS server will be able to arrive the NAS.
Follow these steps to specify the source IP address for RADIUS packets to be sent:
To do…
Use the command…
Remarks
Enter system view
system-view
—
In system
view
view
radius nas-ip { ip-address |
ipv6 ipv6-address }
ipv6 ipv6-address }
radius scheme
radius-scheme-name
radius-scheme-name
Specify the
source IP
address for
RADIUS
packets to be
sent
source IP
address for
RADIUS
packets to be
sent
In RADIUS
scheme view
scheme view
nas-ip { ip-address | ipv6
ipv6-address }
ipv6-address }
Required
Use either approach
By default, there is no source IP
address specified for RADIUS
packets and the IP address of
the interface for sending the
RADIUS packets will be used
as the source IP address of the
RADIUS packets.
address specified for RADIUS
packets and the IP address of
the interface for sending the
RADIUS packets will be used
as the source IP address of the
RADIUS packets.
The setting by the nas-ip command in RADIUS scheme view is only for the RADIUS scheme, while that
by the radius nas-ip command in system view is for all RADIUS schemes. However, the setting in
RADIUS scheme view takes precedence over that in system view.
Setting Timers Regarding RADIUS Servers
When communicating with the RADIUS server, a device can enable the following three timers:
z
RADIUS server response timeout (response-timeout): If a NAS receives no response from the
RADIUS server in a period of time after sending a RADIUS request (authentication/authorization or
accounting request), it has to resend the request so that the user has more opportunity to obtain
the RADIUS service. The NAS uses the RADIUS server response timeout timer to control the
transmission interval.
z
Primary server quiet timer (timer quiet): If the primary server is not reachable, its state changes to
blocked, and the device will turn to the specified secondary server. If the secondary server is
reachable, the device starts this timer and communicates with the secondary server. After this
timer expires, the device turns the state of the primary server to active and tries to communicate
with the primary server while keeping the state of the secondary server unchanged. If the primary
server has come back into operation, the device interacts with the primary server and terminates its
communication with the secondary server.
z
Real-time accounting interval (realtime-accounting): This timer defines the interval for performing
real-time accounting of users. After this timer is set, the switch will send accounting information of
online users to the RADIUS server at the specified interval.
Follow these steps to set timers regarding RADIUS servers: