Modify RADIUS Server Settings
About this task
Change a specified RADIUS server value without having to delete the server and recreate it again.
RADIUS supports IPv4 and IPv6 addresses, with no difference in functionality or configuration using CLI.
Procedure
Example
Modify a RADIUS server:
Switch:1>enable Switch:1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch:1(config)#radius server host 4717:0000:0000:0000:0000:0000:7933:0001 used-by snmp port 12 retry 5 timeout 10 enable
Variable Definitions
The following table defines parameters for the radius server host command.
Variable |
Value |
---|---|
used-by {cli|eapol|endpoint-tracking|snmp|web} |
Configures how the server functions:
The default is cli. |
host WORD <0–46> |
Configures a host server. WORD <0–46> signifies an IPv4 address in the format A.B.C.D or an IPv6 address in the format x:x:x:x:x:x:x:x. RADIUS supports IPv4 and IPv6 addresses, with no difference in functionality or configuration using CLI. |
acct-enable |
Enables RADIUS accounting on this server. The system enables RADIUS accounting by default. |
acct-port <1-65536> |
Configures the UDP port of the RADIUS accounting server. The
default value is 1813.
Important:
The UDP port value set for the client must match the UDP value set for the RADIUS server. |
enable |
Enables the RADIUS server. The default is true. |
key WORD<0–32> |
Configures the secret key of the authentication client. |
port <1-65536> |
Configures the UDP port of the RADIUS authentication server. The default value is 1812. |
priority <1–10> |
Configures the priority value for this server. The default is 10. |
retry <0–6> |
Configures the number of authentication retries the server will accept. The default is 3. |
secure-enable |
Enable RADIUS Security (RADSec). |
secure-log-level |
Specifies the log severity level. Possible values are :
|
secure-mode |
Specifies the protocol used for secure connection to the server. |
secure-profile |
Configures the secure profile for the server. |
timeout <1–180> |
Configures the number of seconds before the authentication request times out. The default is 8. |