Command Manual – AAA RADIUS HWTACACS
H3C S7500E Series Ethernet Switches
Chapter 1 AAA/RADIUS/HWTACACS
Configuration Commands
1-42
z
The RADIUS service port configured on the device and that of the RADIUS server
must be consistent.
Related commands:
key
,
radius scheme
,
state
.
Examples
# Set the IP address of the primary accounting server for RADIUS scheme radius1 to
10.110.1.2 and the UDP port of the server to 1813.
<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] primary accounting 10.110.1.2 1813
1.2.8 primary authentication
Syntax
primary authentication
ip-address
[
port-number
]
undo primary authentication
View
RADIUS scheme view
Parameters
ip-address
: IP address of the primary authentication/authorization server.
port-number
: UDP port number of the primary authentication/authorization server,
which ranges from 1 to 65535.
Description
Use the
primary authentication
command to configure the IP address and UDP port
of the primary RADIUS authentication/authorization server.
Use the
undo primary authentication
command to restore the defaults.
By default, the default IP address is 0.0.0.0, and the default port number 1812.
Note that:
z
After creating a RADIUS scheme, you are supposed to configure the IP address
and UDP port of each RADIUS server (primary/secondary
authentication/authorization or accounting server). The configuration of RADIUS
servers is at your discretion except that there must be at least one
authentication/authorization server and one accounting server. Besides, ensure
that the RADIUS service port settings on the device are consistent with the port
settings on the RADIUS servers.
z
The IP addresses of the primary and secondary authentication/authorization
servers cannot be the same. Otherwise, the configuration fails.