show radius-server

Display the Remote Access Dial-In User Services (RADIUS) server information.

Syntax

Default

None

Command Mode

User EXEC

Command Output

The show radius-server command displays the following information:

Output field

Description

NAME

Specifies the RADIUS server name.

USEDBY

Specifies how the server functions. Configures the server for authentication for one of the following:cli

  • cli

  • eapol

  • endpoint-tracking

  • snmp

  • web

SECRET

Specifies the secret key.

PORT

Specifies the RADIUS server UDP port.

PRIO

Specifies the RADIUS server priority.

RETRY

Specifies the maximum number of authentication retries. The default is 3.

TIMEOUT

Specifies the number of seconds before the authentication request times out. The default is 3.

ENABLED

Specifies whether the RADIUS server is enabled.

SECURE ENABLED

Specifies whether RADSec is enabled on the RADIUS server.

SECURE MODE

Specifies the protocol used for secure connection with the server. Possible values are:

  • tls - Transport Layer Security (TLS) encryption over Transmission Control Protocol (TCP)

  • dtls - Datagram Transport Layer Security (DTLS) encryption over User Datagram Protocol (UDP)

The default is tls.

SECURE INSTANCE

Specifies the radsecproxy instance. The default is -1 (the RADIUS server is not configured for RADSec).

SECURE PROFILE

Specifies the secure profile associated with the RADIUS server.

SECURE LOG-LEVEL

Specifies the secure log level. Possible values are:

  • critical

  • debug

  • error

  • info

  • warning

ACCT PORT

Specifies the RADIUS accounting UDP port.

ACCT ENABLED

Specifies whether RADIUS accounting is enabled.

Example

The following example displays RADIUS server information:

Switch:1#show radius-server
=========================================================================================
                                    Radius Server Entries
=========================================================================================
                                                              SECURE  SECURE SECURE   SECURE   SECURE    ACCT ACCT    
NAME           USEDBY  SECRET PORT PRIO RETRY TIMEOUT ENABLED ENABLED MODE   INSTANCE PROFILE  LOG-LEVEL PORT ENABLED 
------------------------------------------------------------------------------------------------------------------------
192.0.2.14     cli     ****** 1812 10   1     8       true    true    tls    0        radsecp  error     1813 true    
192.0.2.15     cli     ****** 1812 10   1     8       true    false   tls    -1       default  error     1813 true