beautypg.com

H3C Technologies H3C S3600 Series Switches User Manual

Page 532

background image

2-16

received from each other by using the shared keys that have been set on them, and can accept and

respond to the messages only when both parties have the same shared key.

Follow these steps to configure shared keys for RADIUS messages:

To do…

Use the command…

Remarks

Enter system view

system-view

Create a RADIUS scheme and
enter its view

radius scheme
radius-scheme-name

Required

By default, a RADIUS scheme named
"system" has already been created in
the system.

Set a shared key for RADIUS
authentication/authorization
messages

key authentication
string

Required

By default, no shared key is created.

Set a shared key for RADIUS
accounting messages

key accounting string

Required

By default, no shared key is created.

The authentication/authorization shared key and the accounting shared key you set on the switch must

be respectively consistent with the shared key on the authentication/authorization server and the

shared key on the accounting server.

Configuring the Maximum Number of RADIUS Request Transmission Attempts

The communication in RADIUS is unreliable because this protocol uses UDP packets to carry its data.

Therefore, it is necessary for the switch to retransmit a RADIUS request if it gets no response from the

RADIUS server after the response timeout timer expires. If the switch gets no answer after it has tried

the maximum number of times to transmit the request, the switch considers that the request fails.

Follow these steps to configure the maximum transmission attempts of a RADIUS request:

To do…

Use the command…

Remarks

Enter system view

system-view

Create a RADIUS scheme and
enter its view

radius scheme
radius-scheme-name

Required

By default, a RADIUS scheme
named "system" has already
been created in the system.

Set the maximum number of
RADIUS request transmission
attempts

retry retry-times

Optional

By default, the system can try
three times to transmit a
RADIUS request.

Configuring the Type of RADIUS Servers to be Supported

Follow these steps to configure the type of RADIUS servers to be supported:

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: