beautypg.com

Configuring authentication-method lists for radius, Configuring authentication-method lists for, Radius – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual

Page 104: Setting the retransmission limit, Setting the timeout parameter

background image

92

Brocade Virtual ADX Administration Guide

53-1003249-01

Configuring RADIUS security

2

Example

Virtual ADX(config)#radius-server key 1 abc

Virtual ADX(config)#write terminal

...

radius-server host 10.2.3.5

radius key 1 $!2d

NOTE

Encryption of the RADIUS keys is done by default. The 0 parameter disables encryption. The 1
parameter is not required; it is provided for backwards compatibility.

Setting the retransmission limit

The retransmit parameter specifies the maximum number of retransmission attempts. When an
authentication request times out, the Brocade software will retransmit the request up to the
maximum number of retransmissions configured. The default retransmit value is 3 retries. The
range of retransmit values is from 0– 5.

To set the RADIUS retransmit limit, enter the following command.

Virtual ADX(config)#radius-server retransmit 5

Syntax: radius-server retransmit number

Setting the timeout parameter

The timeout parameter specifies how many seconds the Brocade Virtual ADX waits for a response
from the RADIUS server before either retrying the authentication request, or determining that the
RADIUS server is unavailable and moving on to the next authentication method in the
authentication-method list. The timeout can be from 1 – 15 seconds. The default is 3 seconds.

Virtual ADX(config)#radius-server timeout 5

Syntax: radius-server timeout number

Configuring authentication-method lists for RADIUS

You can use RADIUS to authenticate Telnet or SSH access and access to Privileged EXEC level and
CONFIG levels of the CLI. When configuring RADIUS authentication, you create
authentication-method lists specifically for these access methods, specifying RADIUS as the
primary authentication method.

Within the authentication-method list, RADIUS is specified as the primary authentication method
and up to six backup authentication methods are specified as alternates. If RADIUS authentication
fails due to an error, the device tries the backup authentication methods in the order they appear in
the list.

When you configure authentication-method lists for RADIUS, you must create a separate
authentication-method list for Telnet or SSH CLI access and for CLI access to the Privileged EXEC
level and CONFIG levels of the CLI.

To create an authentication-method list that specifies RADIUS as the primary authentication
method for securing Telnet access to the CLI, enter the following commands.

Virtual ADX(config)#enable telnet authentication

Virtual ADX(config)#aaa authentication login default radius local

See also other documents in the category Brocade Computer Accessories: