Setting the supported radius server type, Setting the status of radius servers – H3C Technologies H3C S7500E Series Switches User Manual
Page 41
2-12
Setting the supported RADIUS server type
The supported RADIUS server type determines the type of the RADIUS protocol that the device uses
to communicate with the RADIUS server. It can be standard or extended:
z
Standard: Uses the standard RADIUS protocol, RFC 2865 and RFC 2866 or later.
z
Extended: Uses the proprietary RADIUS protocol of H3C.
When the RADIUS server runs iMC, you must set the RADIUS server type to extended. When the
RADIUS server runs third-party RADIUS server software, you can set the RADIUS server type to
standard or extended.
Follow these steps to set the RADIUS server type:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter RADIUS scheme view
radius scheme
radius-scheme-name
—
Set the RADIUS server type
server-type { extended |
standard }
Optional
standard by default
If you change the RADIUS server type, the unit for data flows or packets to be sent to the RADIUS
server will be restored to the default.
Setting the status of RADIUS servers
By setting the status of RADIUS servers to block or active, you can control which servers the device
will communicate with for authentication, authorization, and accounting or turn to when the current
servers are not available any more. With both primary servers and secondary servers configured, the
device chooses servers based on these rules:
z
When the primary server and secondary server are both in active state, the device communicates
with the primary server. If the primary server fails, the device changes the status of the primary
server to block and turns to the secondary server. When the quiet timer times out, the device
resumes the status of the primary server to active while keeping the status of the secondary
server unchanged. In the case of authentication/authorization, the device resumes the
communication with the primary server; in the case of accounting, however, the device keeps
communicating with the secondary server if accounting has already started, no matter whether
the primary server recovers or not.
z
When the primary server and secondary server are both in block state, the device communicates
with the primary server. If the primary server is available, its status changes to active; otherwise,
the status of the primary server remains the same.
z
If one server is in active state while the other is in block state, the device only tries to
communicate with the server in active state, even if the server is unavailable.