Configuring radius, Overview, Configuring a radius scheme – H3C Technologies H3C MSR 50 User Manual

335

Configuring RADIUS

You can configure RADIUS through the Web interface.

Overview

Remote Authentication Dial-In User Service (RADIUS) protocol is a distributed information interaction
protocol that uses a client/server model to implement AAA. It can protect networks against unauthorized

access and is often used in network environments that require both high security and remote user access.
RADIUS uses UDP port 1812 for authentication and UDP port 1813 for accounting.
RADIUS was originally designed for dial-in user access. With the addition of new access methods,
RADIUS has been extended to support additional access methods, including Ethernet and ADSL.

RADIUS provides access authentication, authorization, and accounting services. The accounting function

collects and records network resource usage information.
For more information about RADIUS and AAA, see H3C MSR Series Routers Configuration Guides (V5).

Configuring a RADIUS scheme

A RADIUS scheme defines a set of parameters that the device uses to exchange information with the

RADIUS servers. There might be authentication servers and accounting servers, or primary servers and

secondary servers. The parameters mainly include the IP addresses of the servers, the shared keys, and
the RADIUS server type. By default, no RADIUS scheme exists.
To configure a RADIUS scheme:

1.

Select Advanced > RADIUS from the navigation tree.

Figure 337 RADIUS scheme list

2.

Click Add.