beautypg.com

Aaa server groups configuration, Server groups configuration – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1262

background image

RADIUS Introduction and Configuration

Software Reference for x310 Series Switches

46.12

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

AAA Server Groups Configuration

Configuring the switch to use AAA server groups provides a way to group existing server
hosts. This allows you to select a subset of the configured server hosts and use them for a
particular service. A server group is used in conjunction with a global server-host list. The
server group lists the IP addresses of the selected server hosts.

Server groups also can include multiple host entries for the same server, as long as each
entry has a unique identifier. The combination of an IP address and a UDP port number
creates a unique identifier, allowing different ports to be individually defined as RADIUS
hosts providing a specific AAA service.

To define a server host with a server group name, enter the following commands in the
Global Configuration mode. The listed RADIUS server must exist in the Global
Configuration mode:

Mode and Command

Command Purpose

awplus(config)#

radius-server
host {<hostname>|
<ip-address>}
[auth-port <port-number>]
[acct-port <port-number>]
[timeout <seconds>]
[retransmit <retries>]
[key <string>]

Specifies and defines the IP address of the server
host before configuring the AAA server-group.
Refer to the section

Switch to RADIUS Server

Communication

of this chapter for more

information on the

radius-server host

command.

awplus(config-if)#

aaa group server
<group-name>

Defines the AAA server group with a group name.
This command puts the switch in server group
sub configuration mode.

awplus(config-sg)#

server
{<hostname>|<ip-address>}
[auth-port <port-number>]
[acct-port <port-number>]

Associates a particular RADIUS server with the
defined server group. Each security server is
identified by its IP address and UDP port number.
Repeat this step for each RADIUS server in the
AAA server group.
Each server in the group must be defined
previously using the radius-server host command.

See also other documents in the category Allied Telesis Computer hardware: