Note
It is recommended to enable loopback mode on the VLAN associated with RADIUS if the RADIUS connectivity is established using a front panel port on a SummitStack.dynamic-authorization | Specifies RADIUS dynamic authorization. |
index | RADIUS server index. Range: 1–2147483641. |
nas-ip | Specifies configuring the Network Access Server (NAS) IP Address requirement. |
ignore | Specifies to ignore the NAS-IP Address requirement. |
require | Specifies to require the NAS-IP Address (default). |
server host_ipaddr host_ipV6addr | Server IPv4 address in either IPv4 (host_ipaddr) or IPv6 (host_ipV6addr) format. |
hostname | The host name of the server being configured. |
tls | Specifies using Transmission Control Protocol (TCP). |
tls_port | The TLS port to use to contact the RADIUS authentication server. |
client-ip client_ipaddr client_ipV6addr | Client address in either IPv4 (client_ipaddr) or IPv6 format (client_ipV6addr). |
vr vr_name | Specifies the virtual router on which the
client IP is located. Note: User-created VRs are supported only
on the platforms listed for this feature in the
Switch Engine 32.3 Feature License Requirements
document.
|
shared-secret | Shared secret. |
secret | Secret string. |
encrypted | Password is encrypted. |
The virtual router used is VR-Mgmt, the management virtual router.
Use this command to specify RADIUS server information.
Use of the hostname parameter requires that DNS be enabled.
The RADIUS server defined by this command is used for user name authentication and CLI command authentication.
The following example configures a RADIUS dynamic authorization server with server index 100 on host "radius1" using the default UDP port (1812) for use by the RADIUS client on switch 10.10.20.30 using a virtual router interface of VR-Default:
configure radius dynamic-authorization 100 server radius1 client-ip 10.10.20.30 vr vr-Default
This command was first available in ExtremeXOS 22.1.
The nas-ip option with ignore and require variables were introducted in ExtremeXOS 31.3.
The tls keyword with tls_port variable was added in ExtremeXOS 31.4.
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.