H3C Technologies H3C WA3600 Series Access Points User Manual

207

Table 82 Configuration items

Item Description

Authentication Key

Set the shared key for RADIUS authentication packets and that for RADIUS
accounting packets.
The RADIUS client and the RADIUS authentication/accounting server use MD5 to
encrypt RADIUS packets, and they verify the validity of packets through the

specified shared key. Only if the shared key of the client and that of the server are

the same, will the client and the server receive and respond to packets from each
other.

IMPORTANT:

•

The shared keys configured on the device must be consistent with those

configured on the RADIUS servers.

•

The shared keys configured in the common configuration part are used only

when no corresponding shared keys are configured in the RADIUS server

configuration part.

Confirm Authentication
Key

Accounting Key

Confirm Accounting Key

Quiet Time

Set the time the device keeps an unreachable RADIUS server in blocked state.
If you set the quiet time to 0, when the device needs to send an authentication or
accounting request but finds that the current server is unreachable, it does not

change the server's status that it maintains. It simply sends the request to the next
server in active state. As a result, when the device needs to send a request of the

same type for another user, it still tries to send the request to the server because the

server is in active state.
You can use this parameter to control whether the device changes the status of an
unreachable server. For example, if you determine that the primary server is

unreachable because the device's port for connecting the server is out of service

temporarily or the server is busy, you can set the time to 0 so that the device uses the
primary server as much.

Server Response Timeout
Time

Set the RADIUS server response timeout time.
If the device sends a RADIUS request to a RADIUS
server but receives no response within the specified

server response timeout time, it retransmits the

request. Setting a proper value according to the

network conditions helps in improving the system
performance.

IMPORTANT:

The server response timeout

time multiplied by the

maximum number of RADIUS

packet transmission attempts
must not exceed 75.

Request Transmission
Attempts

Set the maximum number of attempts for
transmitting a RADIUS packet to a single RADIUS

server. If the device does not receive a response to

its request from the RADIUS server within the
response timeout period, it retransmits the RADIUS

request. If the number of transmission attempts

exceeds the limit but the device still receives no
response from the RADIUS server, the device

considers the request a failure.