Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

Configuring Router or Switch Interaction with RADIUS Servers

You specify the RADIUS servers that the router or switch can use and you configure how the router or switch interacts with the servers. You can configure the router or switch to use multiple RADIUS servers on the network.

To specify a RADIUS server and how the router or switch interacts with the server:

  1. Configure the IP address of the RADIUS server and specify that you want to configure the router or switch interaction with the server.
    [edit access]user@host# edit radius-server 192.168.1.250
  2. (Optional) Configure the RADIUS server accounting port number. The default accounting port number is 1813.
    [edit access radius-server 192.168.1.250]user@host# set accounting-port 1813
  3. (Optional) Configure the port number the router or switch uses to contact the RADIUS server. The default port number is 1812.
    [edit access radius-server 192.168.1.250]user@host# set port 18914
  4. (Optional) Configure the number of times that the router or switch attempts to contact a RADIUS accounting server. You can configure the router or switch to retry from 1 through 16 times. The default setting is 3 retry attempts.
    [edit access radius-server 192.168.1.250]user@host# set retry 4
  5. Configure the required secret (password) that the local router or switch passes to the RADIUS client. Secrets enclosed in quotation marks can contain spaces.
    [edit access radius-server 192.168.1.250]user@host# set secret $nt1UE1*7688+
  6. (Optional) Configure the maximum number of outstanding requests that a RADIUS server can maintain. An outstanding request is a request to which the RADIUS server has not yet responded. You can limit the number from 0 through 2000 outstanding requests per RADIUS server. The default setting is 1000 outstanding requests per server.
    [edit access radius-server 192.168.1.250]user@host# set max-outstanding-requests 500
  7. Configure the source address for the RADIUS server. Each RADIUS request sent to a RADIUS server uses the specified source address. The source address is a valid IPv4 address configured on one of the router or switch interfaces.
    [edit access radius-server 192.168.1.250]user@host# set source-address 192.168.1.100
  8. (Optional) Configure the length of time that the local router or switch waits to receive a response from a RADIUS server. By default, the router or switch waits 3 seconds. You can configure the timeout to be from 1 through 90 seconds.
    [edit access radius-server 192.168.1.250]user@host# set timeout 45
 

Related Documentation

 

Published: 2012-12-04

Previous Page Next Page