RADIUS Authentication and Accounting
Configuring the Switch for RADIUS Authentication
3. Configure the Switch’s Global RADIUS Parameters
You can configure the switch for the following global RADIUS parameters:
■ Number of login attempts: In a given session, specifies how many
tries at entering the correct username and password pair are allowed
before access is denied and the session terminated. (This is a general
aaa authentication parameter and is not specific to RADIUS.)
■ Global server key: The server key the switch will use for contacts
with all RADIUS servers for which there is not a server-specific key
configured by radius-server host < ip-address > key < key-string >.
This key is optional if you configure a server-specific key for each
RADIUS server entered in the switch. (Refer to
“2. Configure the
Switch To Access a RADIUS Server” on page 3-10.)
■ Server timeout: Defines the time period in seconds for authentica-
tion attempts. If the timeout period expires before a response is
received, the attempt fails.
■ Server dead time: Specifes the time in minutes during which the
switch avoids requesting authentication from a server that has not
responded to previous requests.
■ Retransmit attempts: If the first attempt to contact a RADIUS
server fails, specifies how many retries you want the switch to attempt
on that server.
Syntax: aaa authentication num-attempts <1 .. 10 >
Specifies how many tries for entering the correct username
and password before shutting down the session due to input
errors. (Default: 3; Range: 1 - 10).
[no] radius-server
key < global-key-string >
Specifies the global encryption key the switch uses with
servers for which the switch does not have a server-
specific key assignment. This key is optional if all
RADIUS server addresses configured in the switch in-
clude a server-specific encryption key. (Default: Null.)
dead-time < 1 .. 1440 >
Optional. Specifies the time in minutes during which
the switch will not attempt to use a RADIUS server that
has not responded to an earlier authentication attempt.
(Default: 0; Range: 1 - 1440 minutes)
3-12
