Hewlett-Packard 8200ZL Manual

A SERVICE OF

next previous

encryption key to use for authentication with given server

(default is NULL). Specifying this key overrides the key set for

this server by the 'radius-server key <KEY-STR>' global

conguration command.

o key <KEY-STR> - species the global encryption key, which is

used for authentication if encryption key for the server is

not congured. The default is NULL.

o timeout <1-15> - server response timeout interval in seconds. The

default is 5 seconds.

o retransmit <1-5> - species the maximum number of retransmission

attempts. The default is 3 attempts.

o dyn-autz-port <UDP-PORT> - species the UDP port to listen for

Change-of-Authorization and Disconnect messages. The default

is 3799.

o dead-time <1-1440> - If the switch does not receive a response from a

specic RADIUS server, the switch avoids sending any new

authentication requests to that server until the dead-time has

expired. That is, during a new authentication attempt, the

switch bypasses a specied RADIUS server if a dead-time

period is running on the switch for a previous failure to

receive a response from that server. (The switch will still

send new authentication requests to any other congured

RADIUS servers that are not affected by a dead-time

condition.) For a specic RADIUS server, dead-time counting

begins with the end of the last timeout in the last retransmit

attempt of the failed authentication session. When dead-time

is set to 0 (zero), there is no dead-time and the switch will

not bypass a RADIUS server that has failed to respond to an

earlier authentication attempt. (Default: 0.)

COMMAND STRUCTURE

■ [no] radius-server dead-time < Min | Max > -- Server unavailability time (default is 0, use the 'no'

form of command to set the dead-time to 0). (p. 459)

■ dead-time < 1 to 1440 > -- Server unavailability time (default is 0, use the 'no' form of command

to set the dead-time to 0). (p. 459)

■ radius-server dyn-autz-port < 1024 to 49151 > -- UDP port number to listen for

Change-of-Authorization and Disconnect messages (default is 3799). (TCP/UDP-PORT) (p. 460)

■ [no] radius-server host -- IP address of the RADIUS server to use. (IP-ADDR) (p. 460)

■ acct-port -- Accounting UDP destination port number (default is 1813). (p. 458)

■ acct-port -- Accounting UDP destination port number (default is 1813). (TCP/UDP-PORT) (p.

458)

■ auth-port -- Authentication UDP destination port number (default is 1812).

(TCP/UDP-PORT) (p. 459)

■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p.

460)

■ auth-port -- Authentication UDP destination port number (default is 1812). (p. 459)

■ auth-port -- Authentication UDP destination port number (default is 1812). (TCP/UDP-PORT)

(p. 459)

■ acct-port -- Accounting UDP destination port number (default is 1813). (TCP/UDP-PORT)

(p. 458)

■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p.

460)

■ dyn-authorization -- Enable/disable dynamic authorization control from this host. (p. 459)

■ key -- Encryption key to use with the RADIUS server (default is NULL). (p. 460)

■ key -- Encryption key to use with the RADIUS server (default is NULL). (ASCII-STR) (p. 460)

457© 2009 Hewlett-Packard Development Company, L.P.

radius-serverCommand Line Interface Reference Guide