2-14
Set a shared key for RADIUS
authentication/authorization
messages
key
authentication
string
Required
By default, no shared key is
created.
Set a shared key for RADIUS
accounting messages
key
accounting
string
Required
By default, no shared key is
created.
The authentication/authorization shared key and the accounting shared key you set on the switch must
be respectively consistent with the shared key on the authentication/authorization server and the
shared key on the accounting server.
Configuring the Maximum Number of RADIUS Request Transmission Attempts
The communication in RADIUS is unreliable because this protocol uses UDP packets to carry its data.
Therefore, it is necessary for the switch to retransmit a RADIUS request if it gets no response from the
RADIUS server after the response timeout timer expires. If the switch gets no answer after it has tried
the maximum number of times to transmit the request, the switch considers that the request fails.
Follow these steps to configure the maximum transmission attempts of a RADIUS request:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme
named "system" has already
been created in the system.
Set the maximum number of
RADIUS request transmission
attempts
retry
retry-times
Optional
By default, the system can try
three times to transmit a
RADIUS request.
Configuring the Type of RADIUS Servers to be Supported
Follow these steps to configure the type of RADIUS servers to be supported:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme
named "system" has already
been created in the system.
Configure the type of RADIUS
servers to be supported
server-type
{
extended
|
standard
}
Optional