RADIUS Configuration

radius configuration radius configuration show radius {server|global|null} show radius {server|global|null} \[command] show radius {server|global|null} \[purpose] display configuration information related to the radius service, including viewing the global configuration of radius and configuration parameters of each server \[view] system view \[notes] after modifying the device configuration, this command can be used to view information such as the authentication type, timeout period, and key used for communication with the server in the radius authentication system \[use cases] sonic# show radius radius global auth type pap (default) radius global retransmit 3 (default) radius global timeout 5 (default) radius global passkey \<empty string> (default) radius server address 192 168 2 167 mode all passkey test123 radius global \[auth type{pap|chap}|passkey radius global \[auth type{pap|chap}|passkey string |src ip a b c d/a b |nas ip a b c d/a b |timeout value |retransmit value ] \[command] radius global \[auth type{pap|chap}|passkey string |src ip a b c d/a b |nas ip a b c d/a b |timeout value |retransmit value ] \[purpose] configure the global parameters for radius authentication, and use the global parameters when the radius authentication server has not configured a specific parameter separately \[view] system configuration view \[parameter] parameter description description auth type radius authentication protocol type passkey radius authentication server secret key src ip authenticating the source ip of the report nas ip the unique identifier id displayed on the server side of the device in the radius timeout transmission over time interval, second range 1 60, default is 5 retransmit the number of retransmission times for authentication timeout, ranging from 0 10, defaults to 3 \[notes] used to modify the global configuration information of radius authentication, suitable for scenarios where there are many radius authentication servers and it is not convenient to configure parameters one by one using the global configuration command can make all servers that have not separately configured parameters use global parameters to take effect \[use cases] sonic(config)# radius global retransmit 10 sonic(config)# radius global timeout 5 radius server radius server a b c d/a b \[auth port value ]\[passkey string ]\[auth type {pap|chap}]\[nas ip a b c d/a b ]\[priority value ]\[timeout value ]\[retransmit value ]\[vrf string ]\[src intf {ethernet num |vlan id |link aggregation id |loopback num }]\[mode {all|aaa}] \[command] radius server a b c d/a b \[auth port value ]\[passkey string ]\[auth type {pap|chap}]\[nas ip a b c d/a b ]\[priority value ]\[timeout value ]\[retransmit value ]\[vrf string ]\[src intf {ethernet num |vlan id |link aggregation id |loopback num }]\[mode {all|aaa}] \[purpose] configure the parameters of the radius server \[view] system configuration view \[parameter] parameter description description auth type type of radius authentication protocol passkey radius authentication server key nas ip the unique identifier id displayed on the server side of the device in the radius priority configure the priority of the radius authentication server, with higher values indicating higher priority timeout transmission over time interval, second range 1 60, default is 5 retransmit the number of retransmission times for authentication timeout, ranging from 0 10, defaults to 3 vrf vrf name, can configure authentication link in specific vrfs src intf configure the source port for authentication, which can be configured with different interface types such as physical port, lag if port, vlan if port, and loopback port mode configure the radius authentication mode, which can choose between all mode or only aaa authentication mode \[notes] used to issue relevant configuration information for specified radius servers \[use cases] sonic(config)# radius server 192 168 2 167 auth type chap sonic(config)# radius server 192 168 2 167 retransmit 5