Command Manual - Security
Quidway S3500 Series Ethernet Switches
Chapter 3 AAA & RADIUS Protocol Configuration Commands
Huawei Technologies Proprietary
3-30
requirements. However, at least you have to set one authentication/authorization
server and an accounting server. Besides, ensure that the RADIUS service port
settings on the Ethernet switch is consistent with the port settings on the RADIUS
server.
For the related commands, see
key
,
radius scheme
,
state
.
Example
# Set the IP address of the primary authentication/authorization server of RADIUS
scheme, “huawei”, to 10.110.1.1 and the UDP port 1812 to provide RADIUS
authentication/authorization service.
[Quidway-radius-huawei] primary authentication 10.110.1.1 1812
3.2.13 radius nas-ip
Syntax
radius nas-ip ip-address
undo radius nas-ip
View
System view
Parameter
ip-address
: IP address in dotted decimal format.
Description
Using the
radius nas-ip
command, you can specify the source address of the RADIUS
packet sent from NAS. Using the
undo radius nas-ip
command, you can restore the
default setting.
By specifying the source address of the RADIUS packet, you can avoid unreachable
packets as returned from the server upon interface failure. The source address is
normally recommended to be a loopback interface address..
By default, the source address is not specified, that is, the address of the interface
sending the packet serves as the source address.
This command specifies only one source address; therefore, the newly configured
source address may overwrite the original one.
Example
# Configure the switch to send RADIUS packets from 129.10.10.1.
[Quidway] radius nas-ip 129.10.10.1