beautypg.com

Enabling snmp to configure radius, Identifying the radius server to the bigiron rx, Identifying the radius server to the – Brocade BigIron RX Series Configuration Guide User Manual

Page 174: Bigiron rx

background image

96

BigIron RX Series Configuration Guide

53-1002484-04

Configuring RADIUS security

3

Enabling SNMP to configure RADIUS

RADIUS is disabled by default. To enable SNMP access to RADIUS MIB objects on the device, enter
a command such as the following.

BigIron RX(config)#enable snmp config-radius

Syntax: [no] enable snmp <config-radius | config-tacacs>

The <config-radius> parameter specifies the RADIUS configuration mode. RADIUS is disabled by
default.

The <config-tacacs> parameter specifies the TACACS configuration mode. TACACS is disabled by
default.

Identifying the RADIUS server to the BigIron RX

To use a RADIUS server to authenticate access to a BigIron RX, you must identify the server to the
BigIron RX.

BigIron RX(config)# radius-server host 209.157.22.99

Syntax: radius-server host <ip-addr> | <server-name> [auth-port <number> acct-port <number>]

The host <ip-addr>| ipv6 <ipv6-addr> | <server-name> parameter is either an IP address or an
ASCII text string.

The <auth-port> parameter is the Authentication port number; it is an optional parameter. The
default is 1812.

The <acct-port> parameter is the Accounting port number; it is an optional parameter. The default
is 1813.

brocade-command-string

2

string

Specifies a list of CLI commands that are
permitted or denied to the user when RADIUS
authorization is configured.
The commands are delimited by semi-colons
(;). You can specify an asterisk (*) as a
wildcard at the end of a command string.
For example, the following command list
specifies all show and debug ip commands,
as well as the write terminal command:
show *; debug ip *; write term*

brocade-command-exception-flag

3

integer

Specifies whether the commands indicated
by the brocade-command-string attribute are
permitted or denied to the user. This attribute
can be set to one of the following:
0

Permit execution of the commands

indicated by brocade-command-string, deny
all other commands.
1

Deny execution of the commands

indicated by brocade-command-string, permit
all other commands.

TABLE 38

Brocade vendor-specific attributes for RADIUS (Continued)

Attribute name

Attribute ID

Data type

Description

See also other documents in the category Brocade Computer Accessories: