322
DWS-1008 User’s Manual
D-Link Systems, Inc.
Configuring Communication with RADIUS
Setting the System IP Address as the Source Address
By default, RADIUS packets leaving the switch have the source IP address of the outbound
interface on the switch. This source address can change when routing conditions change.
If you have set a system IP address for the switch, you can use it as a permanent source
address for the RADIUS packets sent by the switch.
To set the system IP address as the address of the RADIUS client, type the following
command:
DWS-1008#
set radius client system-ip
success: change accepted.
To remove the switch’s system IP address from use as the source address in RADIUS client
requests from the switch to its RADIUS server(s), type the following command:
DWS-1008#
clear radius client system-ip
success: change accepted.
The command causes the switch to select a source interface address based on information
in its routing table as the RADIUS client address.
Configuring Individual RADIUS Servers
You must set up a name and IP address for each RADIUS server. To configure a RADIUS
server, use the following command:
set radius server
server-name
[
address
ip-address
] [
key
string
]
The server name must be unique for this RADIUS server on this switch. The key (password)
string
is the shared secret that the switch uses to authenticate itself to the RADIUS server.
Do not use the same name for a RADIUS server and a RADIUS server group.
For example, the following command names a RADIUS server
rs1
with the IP address
192.168.0.2 and the key
testing123
:
DWS-1008#
set radius server rs1 address 192.168.0.2 key testing123
success: change accepted.
You can configure multiple RADIUS servers. When you define server names and keys, case
is significant. For example:
DWS-1008#
set radius server rs1 address 10.6.7.8 key seCret
success: change accepted.
DWS-1008#
set radius server rs2 address 10.6.7.9 key BigSecret
success: change accepted.