Skip to content
AsterNOS
Ask AI

RADIUS Configuration

show radius

Section titled “show radius”

[Command] show radius

[Purpose] Display terminal RADIUS configuration information.

[View] System view

[Notes] After modifying the device configuration, you can use this command to view information such as the authentication type, timeout period, and communication key between the RADIUS terminal and the server.

[Use Cases]

sonic# show radius
RADIUS_SERVER address 192.168.15.168
               priority 1
               auth_port 1812
               passkey ******```


### radius [server]  [key] auth-type {chap|pap}**\[Command]****radius server** *ip_address* **key** *password* **auth-type \{chap|pap} priority** *pri_num* **timeout** *time* **retransmit** *re_num* **source**  *src_ip* **vrf** *vrf_name*
**no radius server** *ip_address*


**\[Purpose]**
Configure authentication parameters for the RADIUS server.


**\[Parameter]**


| **Parameter**     | **Description**                                                                                                                                      |
| ----------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
| *ip_address*     | RADIUS Server IP Address                                                                                                                             |
| *timeout*         | Transmission timeout interval, configurable range 1-60, default 5, unit: seconds                                                                     |
| *password *  | Shared key, default is public                                                                                                                        |
| *auth-type * | Authentication type: CHAP/PAP, default is PAP                                                                                                        |
| *re_num*         | Set the number of retries for terminal login. Configuration range: 1-10                                                                              |
| *pri_num*        | Server priority, default value: 1, configurable range: 1-64                                                                                          |
| *src_ip*         | Source IP for terminal authentication                                                                                                                |
| *vrf_name*       | This parameter must be configured when communicating with the RADIUS server via the management port and the management port belongs to the MGMT VRF. |


**\[View]**
System Configuration View


**\[Notes]**
RADIUS supports multiple authentication types, with the device supporting the following authentication methods:


- PAP: Simple Authentication Protocol, where the username and password are transmitted over the network in plaintext.
- CHAP: A more secure authentication protocol than PAP. The device sends the username, an encrypted password, and a 16-byte random number to the server. The server locates the corresponding password based on the username, then encrypts the password using the received random number and a shared secret key. The resulting output is compared with the received encrypted password. If they match, authentication succeeds; otherwise, it fails.


By default, the device's authentication type is set to PAP.


**\[Use Cases]**


```plaintext
sonic(config)# radius server 1.1.1.1 key testing123 auth-type chap priority 1 timeout 10 retransmit 3 source 1.1.1.1 vrf 1