Command Manual – AAA & RADIUS & HWTACACS & EAD
Quidway S3900 Series Ethernet Switches-Release 1510
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Huawei Technologies Proprietary
1-42
[Quidway-radius-radius1] primary accounting 10.110.1.2 1813
1.2.13 primary authentication
Syntax
primary authentication
ip-address
[
port-number
]
undo primary authentication
View
RADIUS scheme view
Parameter
ip-address
: IP address, in dotted decimal notation. By default, the IP address of the
primary authentication/authorization server is 0.0.0.0.
port-number
: UDP port number, ranging from 1 to 65535. By default, the UDP port
number of the primary authentication/authorization service is 1812.
Description
Use the
primary authentication
command to set the IP address and port number of
the primary RADIUS authentication/authorization server.
Use the
undo primary authentication
command to restore the default IP address
and port number of the primary RADIUS authentication/authorization server.
Note that:
z
After creating a new RADIUS scheme, you should configure the IP address and
UDP port number of each RADIUS server you want to use in this scheme. These
RADIUS servers fall into two types: authentication/authorization, and accounting.
And for each kind of server, you can configure two servers in a RADIUS scheme:
primary and secondary servers. A RADIUS scheme has the following attributes:
IP addresses of the primary and secondary servers, shared keys, and types of
the RADIUS servers.
z
In an actual network environment, you can configure the above parameters as
required. But you should configure at least one authentication/authorization
server and one accounting server, and at the same time, you should keep the
RADIUS service port settings on the switch consistent with those on the RADIUS
servers.
z
The IP address and port number of the primary authentication server used by the
default RADIUS scheme "system" are 127.0.0.1 and 1645.
Related command:
key
,
radius scheme
and
state
.