Configuring the status of radius servers – H3C Technologies H3C S3600 Series Switches User Manual
Page 533
2-17
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme
named "system" has already
been created in the system.
Configure the type of RADIUS
servers to be supported
server-type { extended |
standard }
Optional
z
If you change the RADIUS server type, the units of data flows sent to RADIUS servers will be
restored to the defaults.
z
When the third party RADIUS server is used, you can select standard or extended as the
server-type in a RADIUS scheme; when the CAMS server is used, you can select extended as the
server-type in a RADIUS scheme.
Configuring the Status of RADIUS Servers
For the primary and secondary servers (authentication/authorization servers, or accounting servers) in
a RADIUS scheme:
When the switch fails to communicate with the primary server due to some server trouble, the switch will
turn to the secondary server and exchange messages with the secondary server.
After the primary server remains in the block state for a set time (set by the timer quiet command), the
switch will try to communicate with the primary server again when it receives a RADIUS request. If it
finds that the primary server has recovered, the switch immediately restores the communication with
the primary server instead of communicating with the secondary server, and at the same time restores
the status of the primary server to active while keeping the status of the secondary server unchanged.
When both the primary and secondary servers are in active or block state, the switch sends messages
only to the primary server.
Follow these steps to set the status of RADIUS servers:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a RADIUS scheme and
enter its view
radius scheme
radius-scheme-name
Required
By default, a RADIUS scheme
named "system" has already
been created in the system.
Set the status of the primary
RADIUS
authentication/authorization
server
state primary authentication
{ block | active }
Set the status of the primary
RADIUS accounting server
state primary accounting
{ block | active }
Optional
By default, the RADIUS servers
specified with IP addresses in
the RADIUS scheme are all in
the active state.