RADIUS configuration
106
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
Transactions between the RADIUS client and server are authenticated through the use of a shared secret, which is
never sent over the network—the same secret must thus be known to the server and the client by configuration.
Using this secret as an encryption key, user passwords are sent encrypted between the client and RADIUS server.
Configuring RADIUS clients
If the AAA profiles you have defined make use of the RADIUS AAA method, you must configure the corre-
sponding RADIUS clients. To configure RADIUS clients, do the following steps:
Mode
: Configure
Example
: Configure the RADIUS clients as shown in
figure 15
.
node>enable
node#configure
node(cfg)#radius-client radius_deepblue
node(radius)[radius_~]#radius-server deepblue
node(radius)[radius_~]#shared-secret authentication 78f8a23b
node(radius)[radius_~]#exit
node(cfg)#radius-client radius_extern
node(radius)[radius_~]#radius-server 219.144.12.1
node(radius)[radius_~]#shared-secret authentication dd9351e13cc335
node(radius)[radius_~]#exit
node(cfg)#
node(cfg)#show radius-client
RADIUS clients:
radius_deepblue
radius_extern
node(cfg)#show radius-client radius_deepblue
AAA RADIUS Module: radius_deepblue
Authentication Shared Secret: 78f8a23b
Timeout: 6
Sessions:
UDP Interface:
Configured Server Hostname: deepblue
node(cfg)#show radius-client radius_extern
AAA radius Module: radius_extern
Authentication Shared Secret: dd9351e13cc335
Timeout: 6
Sessions:
UDP Interface:
Configured Server Hostname: 219.144.12.1
Step
Command
Purpose
1
node
(cfg)#radius-client
name
Adds a RADIUS client with name
name
and
enters RADIUS-client configuration mode
2
node(radius)[name]#radius-server
host-
name
Sets the hostname (or IP address) of the remote
RADIUS server
3
node(radius)[name]#shared-secret
authentication
secret
Sets the password shared between the RADIUS
client and the remote RADIUS server.
4
node(radius)[name]#exit
Goes back to the parent configuration mode
5
node(cfg)#show radius-client
name
Displays configured RADIUS servers