Table 283: RADIUS Configuration Fields
Field
Description
Max Number of Retransmits
The maximum number of times the RADIUS client on the device will retransmit a
request packet to a configured RADIUS server after a response is not received. If
multiple RADIUS servers are configured, the max retransmit value will be
exhausted on the first server before the next server is attempted. A retransmit
will not occur until the configured timeout value on that server has passed
without a response from the RADIUS server. Therefore, the maximum delay in
receiving a response from the RADIUS server equals the sum of (retransmit ×
timeout) for all configured servers. If the RADIUS request was generated by a
user login attempt, all user interfaces will be blocked until the RADIUS
application returns a response.
Timeout Duration
The number of seconds the RADIUS client waits for a response from the RADIUS
server. Consideration to maximum delay time should be given when configuring
RADIUS timeout and RADIUS max retransmit values.
Accounting Mode
Specifies whether the RADIUS accounting mode on the device is enabled or
disabled.
NAS-IP Address
The network access server (NAS) IP address for the RADIUS server. To specify an
address, click the Edit icon and enter the IP address of the NAS in the available
field. The address should be unique to the NAS within the scope of the RADIUS
server. The NAS IP address is used only in Access-Request packets. To reset the
NAS IP address to the default value, click the Reset icon and confirm the action.
Use the buttons at the bottom of the page to perform the following actions:
•
Click
Refresh
to update the page with the most current information.
•
If you make changes to the page, click
Submit
to apply the changes to the system.
Named Server Status
The RADIUS Named Server Status page shows summary information about the
servers
configured on the system.
To access this page, click
Security
>
RADIUS
>
Named Server
in the navigation menu.
Use the buttons to perform the following tasks:
•
To add a RADIUS authentication server to the list of servers the RADIUS client can contact, click
Add
.
•
To change the settings for a configured RADIUS server, select the entry to modify and click
Edit
. You
cannot change the IP address or host name for a server after it has been added.
•
To remove a configured RADIUS server from the list, select the entry to delete and click
Remove
.
You must confirm the action before the entry is deleted.
Managing Device Security
ExtremeSwitching 200 Series: Administration Guide
285