Справочное Руководство для 3com 8807
RADIUS Protocol Configuration Commands
337
Description
Use the local-server command to configure the parameters of local RADIUS
server. Using undo local-server command, you can cancel a local RADIUS server.
server. Using undo local-server command, you can cancel a local RADIUS server.
RADIUS service, which adopts authentication/authorization/accounting servers to
manage users, is widely used in 3Com series switches. Besides, local
authentication/authorization service is also used in these products and it is called
local RADIUS function, i.e. realize basic RADIUS function on the switch.
manage users, is widely used in 3Com series switches. Besides, local
authentication/authorization service is also used in these products and it is called
local RADIUS function, i.e. realize basic RADIUS function on the switch.
c
CAUTION:
■
When using local RADIUS server function of 3Com, remember the number of
UDP port used for authentication is 1645 and that for accounting is 1646.
UDP port used for authentication is 1645 and that for accounting is 1646.
■
The password configured by this command must be the same as that of the
RADIUS authentication/authorization packet configured by the command key
authentication in RADIUS scheme view.
RADIUS authentication/authorization packet configured by the command key
authentication in RADIUS scheme view.
■
When operating as a local RADIUS server, a 3Com Switch 8800 Family Series
Routing Switch supports CHAP and PAP authentications but not EAP
MD5-challenge authentication.
Routing Switch supports CHAP and PAP authentications but not EAP
MD5-challenge authentication.
3Com series switches support up to 16 local RADIUS scheme.
Related command: radius scheme, state.
Example
# Set the IP address of local RADIUS scheme to 10.110.1.2 and the password to
3com.
3com.
[SW8800] local-server nas-ip 10.110.1.2 key 3Com
nas-ip
Syntax
nas-ip ip-address
undo nas-ip
View
RADIUS scheme view
Parameter
ip-address: Source IP address which is expressed in the format of dotted decimal
notation.
notation.
Description
Use the nas-ip command to configure the source IP address which NAS switch
uses to send RADIUS packets. In this case, all the packets sent to Radius server
carry the same source IP address.
uses to send RADIUS packets. In this case, all the packets sent to Radius server
carry the same source IP address.
Use the undo nas-ip command to undo the configuration.
By specifying the source IP address used in sending Radius packets, you can avoid
unreachability of packets back from the server when the physical interface fails. It
is recommended to use the Loopback interface address.
unreachability of packets back from the server when the physical interface fails. It
is recommended to use the Loopback interface address.