configure radius shared-secret

configure radius [primary | secondary index] shared-secret {encryptedencrypted_secret | secret}

Description

Configures the authentication string used to communicate with the RADIUS authentication server.

Syntax Description

mgmt-access Specifies the switch management RADIUS authentication server.
netlogin Specifies the network login RADIUS authentication server.
primary Configures the authentication string for the primary RADIUS server.
secondary Configures the authentication string for the secondary RADIUS server.
index RADIUS server index.
encrypted Indicates that the string is already encrypted.
secret The string to be used for authentication.

Default

Unconfigured.

Usage Guidelines

The secret must be the same between the client switch and the RADIUS server.

The RADIUS server must first be configured for use with the switch as a RADIUS client.

The mgmt-access keyword specifies the RADIUS server used for switch management authentication.

The netlogin keyword specifies the RADIUS server used for network login authentication.

If you do not specify the mgmt-access or netlogin keywords, the secret applies to both the primary or secondary switch management and netlogin RADIUS servers.

The encrypted keyword is primarily for the output of the show configuration command, so the shared secret is not revealed in the command output. Do not use it to set the shared secret.

Example

The following example configures the shared secret as "purplegreen" on the primary RADIUS server for both switch management and network login:

configure radius primary shared-secret purplegreen

The following example configures the shared secret as "redblue" on the primary switch management RADIUS server:

configure radius mgmt-access primary shared-secret redblue

History

This command was first available in ExtremeXOS 10.1.

The encrypted keyword was added in ExtremeXOS 11.0.

The mgmt-access and netlogin keywords were added in ExtremeXOS 11.2.

The index variable was added in ExtremeXOS 16.1.

Platform Availability

This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.