RADIUS Configuration
此内容尚不支持你的语言。
show radius {server|global|null}
Section titled “show radius {server|global|null}”[Command] show radius {server|global|null}
[Purpose] Display configuration information related to the radius service, including viewing the global configuration of radius and configuration parameters of each server.
[View] System view
[Notes] After modifying the device configuration, this command can be used to view information such as the authentication type, timeout period, and key used for communication with the server in the radius authentication system.
[Use Cases]
sonic# show radiusRADIUS global auth_type pap (default)RADIUS global retransmit 3 (default)RADIUS global timeout 5 (default)RADIUS global passkey <EMPTY_STRING> (default)
RADIUS_SERVER address 192.168.2.167 mode all passkey test123radius global [auth-type{pap|chap}|passkey
Section titled “radius global [auth-type{pap|chap}|passkey”[Command] radius global [auth-type{pap|chap}|passkeystring**|src-ipA.B.C.D/A::B|nas-ipA.B.C.D/A::B|timeoutvalue|retransmitvalue]**
[Purpose] Configure the global parameters for radius authentication, and use the global parameters when the radius authentication server has not configured a specific parameter separately.
[View] System Configuration View
[Parameter]
| Parameter | Description |
|---|---|
| auth-type | RADIUS authentication protocol type |
| passkey | RADIUS Authentication Server Secret Key |
| src-ip | Authenticating the source IP of the report |
| nas-ip | The unique identifier id displayed on the server side of the device in the radius |
| timeout | Transmission over time interval, SECOND range 1-60, default is 5 |
| retransmit | The number of retransmission times for authentication timeout, ranging from 0-10, defaults to 3 |
[Notes] Used to modify the global configuration information of radius authentication, suitable for scenarios where there are many radius authentication servers and it is not convenient to configure parameters one by one. Using the global configuration command can make all servers that have not separately configured parameters use global parameters to take effect.
[Use Cases]
sonic(config)# radius global retransmit 10sonic(config)# radius global timeout 5radius server
Section titled “radius server”[Command] radius serverA.B.C.D/A::B**[auth-portvalue][passkeystring][auth-type {pap|chap}][nas-ipA.B.C.D/A::B][priorityvalue][timeoutvalue][retransmitvalue][vrfstring][src-intf {ethernetnum|vlanid|link-aggregationid|loopbacknum}][mode {all|aaa}]**
[Purpose] Configure the parameters of the radius server
[View] System Configuration View
[Parameter]
| Parameter | Description |
|---|---|
| auth-type | Type of Radius Authentication Protocol |
| passkey | Radius authentication server key |
| nas-ip | The unique identifier id displayed on the server side of the device in the radius |
| priority | Configure the priority of the radius authentication server, with higher values indicating higher priority |
| timeout | Transmission over time interval, SECOND range 1-60, default is 5 |
| retransmit | The number of retransmission times for authentication timeout, ranging from 0-10, defaults to 3 |
| vrf | VRF name, can configure authentication link in specific VRFs |
| src-intf | Configure the source port for authentication, which can be configured with different interface types such as physical port, lag if port, vlan if port, and loopback port |
| mode | Configure the Radius authentication mode, which can choose between all mode or only aaa authentication mode |
[Notes] Used to issue relevant configuration information for specified radius servers
[Use Cases]
sonic(config)# radius server 192.168.2.167 auth-type chapsonic(config)# radius server 192.168.2.167 retransmit 5