Creating RADIUS Peers
RADIUS peers are instances of RADIUS servers. If you define multiple servers, the SAE uses them in cases of failover or as alternate routers for load-balancing purposes.
Each RADIUS plug-in requires a default peer. Configure a RADIUS peer before you configure the plug-in.
RADIUS peers are configured in the peer group for each RADIUS plug-in. Use the following configuration statements to configure a RADIUS peer:
shared sae configuration plug-ins poolname
radius-accounting peer-groupname
{server-addressserver-address
;server-portserver-port
;secretsecret
;}shared sae configuration plug-ins poolname
radius-authentication peer-groupname
{server-addressserver-address
; server-portserver-port
; secretsecret
;}shared sae configuration plug-ins poolname
custom-radius-accounting peer-groupname
{server-addressserver-address
;server-portserver-port
;secretsecret
;}shared sae configuration plug-ins poolname
custom-radius-authentication peer-groupname
{server-addressserver-address
; server-portserver-port
; secretsecret
;}shared sae configuration plug-ins poolname
flex-radius-accounting peer-groupname
{server-addressserver-address
; server-portserver-port
; secretsecret
;}shared sae configuration plug-ins poolname
flex-radius-authentication peer-groupname
{server-addressserver-address
; server-portserver-port
; secretsecret
;}
- From configuration mode, access the RADIUS peer configuration for the plug-in that you are configuring. In this sample procedure, the RADIUS peer is configured in the west-region SAE group.
user@host#edit shared sae group west-region configuration plug-ins pool basicRadius radius-accounting peer-group peer1
- Configure the IP address of the RADIUS server to which the SAE sends accounting data.
[edit shared sae group west-region configuration plug-ins pool basicRadius radius-accounting peer-group peer1]
user@host#
set server-address
server-address
- Configure the port used for RADIUS packets.
[edit shared sae group west-region configuration plug-ins pool basicRadius radius-accounting peer-group peer1]
user@host#
set server-port
server-port
- Configure the password that is shared with the RADIUS server. You must configure the same password on the RADIUS server.
[edit shared sae group west-region configuration plug-ins pool basicRadius radius-accounting peer-group peer1]
user@host#
set secret
secret
- (Optional) Verify your configuration.
[edit shared sae group west-region configuration plug-ins pool basicRadius radius-accounting peer-group peer1]user@host#show
server-address 10.10.1.1;server-port 1812;secret ********;Related Information