
Enabling SNMP traps for RADIUS, Identifying the RADIUS server to the Brocade device – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual


Multi-Service IronWare Security Configuration Guide


53-1003035-02

Configuring RADIUS security


Enabling SNMP traps for RADIUS

To enable SNMP traps for RADIUS on a Brocade device, execute the enable snmp
config-radius command, as shown in the following example.

Brocade(config)# enable snmp config-radius

Syntax: [no] enable snmp [config-radius | config-tacacs]

The config-radius parameter specifies that traps will be enabled for RADIUS. Generation of RADIUS
traps is disabled by default.

The config-tacacs parameter specifies that traps will be enabled for TACACS. Generation of TACACS
traps is disabled by default.

Identifying the RADIUS server to the Brocade device

To use a RADIUS server to authenticate access to a Brocade device, you must identify the server to
the Brocade device.

Brocade(config)# radius-server host 10.157.22.99

Syntax: [no] radius-server host ip-addr | server-name [auth-port number acct-port number]

The host ip-addr | server-name parameter is either an IP address or an ASCII text string.

The auth-port parameter is the Authentication port number; it is an optional parameter. The default
is 1812.

The acct-port parameter is the Accounting port number; it is an optional parameter. The default is
1813.

Specifying different servers for individual AAA functions

In a RADIUS configuration, you can designate a server to handle a specific AAA task. For example,
you can designate one RADIUS server to handle authorization and another RADIUS server to
handle accounting. You can specify individual servers for authentication and accounting, but not
for authorization. You can set the RADIUS key for each server.

To specify different RADIUS servers for authentication and accounting, enter a command such as
the following.

Brocade(config)# radius-server host 10.2.3.4 auth-port 1812 acct-port 1813 authentication-only key abc

Brocade(config)# radius-server host 10.2.3.6 auth-port 1812 acct-port 1813 accounting-only key ghi

Syntax: [no] radius-server host ip-addr | server-name [auth-port number acct-port number]| [health-check enable]| disable] [authentication-only | accounting-only | default] [key [0|1|2] string [dot1x]]]

The host ip-addr | server-name parameter is either an IP address or an ASCII text string.

The auth-port number parameter specifies what port to use for RADIUS authentication. The default
is 1812.
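
The following is an added example, not part of the Brocade guide or Brocade's own tooling: a small Python check that reads saved configuration text written in the command forms shown above and reports whether RADIUS traps are enabled, whether both authentication and accounting have a server, and which ports differ from the documented defaults. The function names and the sample configuration are constructed for illustration, and treating a non-default port as a review item is this example's own choice.

```python
import re

# Defaults stated in this guide: authentication 1812, accounting 1813.
DEFAULTS = {"auth-port": 1812, "acct-port": 1813}
ROLES = ("authentication-only", "accounting-only", "default")
HOST_RE = re.compile(r"^radius-server host (\S+)(.*)$")

def parse_radius_config(text):
    """Return (servers, traps_enabled) parsed from saved configuration text."""
    servers, traps = [], False
    for line in (raw.strip() for raw in text.splitlines()):
        traps = traps or line == "enable snmp config-radius"
        m = HOST_RE.match(line)
        if not m:
            continue
        srv = {"host": m.group(1), "role": "default", "has_key": False, **DEFAULTS}
        opts = m.group(2).split()
        for i, tok in enumerate(opts):
            if tok == "key":  # stop here so the key string is never read as an option
                srv["has_key"] = i + 1 < len(opts)
                break
            if tok in DEFAULTS and i + 1 < len(opts) and opts[i + 1].isdigit():
                srv[tok] = int(opts[i + 1])
            elif tok in ROLES:
                srv["role"] = tok
        servers.append(srv)
    return servers, traps

def audit(text):
    """List the findings a reviewer would raise against the RADIUS section."""
    servers, traps = parse_radius_config(text)
    findings = []
    if not traps:
        findings.append("RADIUS SNMP traps not enabled (disabled by default)")
    roles = {s["role"] for s in servers}
    for role in ("authentication-only", "accounting-only"):
        if "default" not in roles and role not in roles:
            findings.append(f"no server configured for {role.split('-')[0]}")
    for s in servers:
        for opt, port in DEFAULTS.items():
            if s[opt] != port:
                findings.append(f"{s['host']}: {opt} {s[opt]} differs from default {port}")
    return findings

# Constructed sample adapted from the commands on this page (one port changed).
SAMPLE = """\
radius-server host 10.2.3.4 auth-port 1812 acct-port 1813 authentication-only key abc
radius-server host 10.2.3.6 auth-port 1645 acct-port 1813 accounting-only key ghi
"""
```

Calling audit(SAMPLE) returns the list of findings as strings; an empty list means none of the three checks fired.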