beautypg.com

User (radius server) – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1363

background image

Local RADIUS Server Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

51.35

user (RADIUS server)

Use this command to register a user to the local RADIUS server.

Use the no variant of this command to delete a user from the local RADIUS server.

Syntax

user <radius-user-name> [encrypted] password <user-password>

[group <user-group>]

no user <radius-user-name>

Mode

RADIUS Server Configuration

Usage

RADIUS user names cannot contain question mark (?), space ( ), or quote (“ “) characters.
RADIUS user names containing the below characters cannot use certificate
authentication:

/ \ ‘ $ & ( ) * ; < > ‘ |

Certificates cannot be created and exported for RADIUS user names that contain the
above characters. We advise you to avoid using these characters in RADIUS user names if
you need to use certificate authentication, because you will not be able to create and
export certificates.

You also can use the IEEE standard format hexadecimal notation (HH-HH-HH-HH-HH-
HH

) to specify a supplicant MAC address to configure the user name and user password

parameters to use local RADIUS server for MAC Authentication. See the

Sample MAC

Authentication Configuration

in

Chapter 44, AAA Introduction and Configuration

.

See also the command user 00-db-59-ab-70-37 password 00-db-59-ab-70-37 as shown
in the command examples.

Parameter

Description

<radius-user-name>

RADIUS user name. This can also be a MAC address in the
IEEE standard format of HH-HH-HH-HH-HH-HH if you are
configuring MAC authentication to use local RADIUS server.

encrypted

Specifies that the password is being entered in its
encrypted form, so that it is not further encrypted.

When creating a new user, enter the password in plaintext,
and do not use the encrypted parameter.

Use the encrypted parameter only when referring to a user
that has previously been created. For instance, when
adding an existing user from another RADIUS server, use
the encrypted parameter, and enter the encrypted version
of the password that appears in the output of show
commands for the user.

<user-password>

User password. This can also be a MAC address in the IEEE
standard format of HH-HH-HH-HH-HH-HH if you are
configuring MAC authentication to use local RADIUS server.

group

Specify the group for the user.

<user-group>

User group name.

See also other documents in the category Allied Telesis Computer hardware: