Configuring RADIUS Authentication with the SRC CLI
Use the following configuration statements to configure information about one or more RADIUS servers on the network at the
[edit]
hierarchy level:system radius-serveraddress
{portport
;secretsecret
;timeouttimeout;
retry
retry
;}To configure information about RADIUS servers for authentication:
- From configuration mode, access the configuration statement that adds a RADIUS server.
[edit]user@host#edit system radius-server
address
- Specify a port number on which to contact the RADIUS server.
[edit system radius-serveraddres
s]user@host#set port
port
By default, port number
1812
is used as specified in RFC 2865—Remote Authentication Dial In User Service (RADIUS) (June 2000).
- Specify a password. Passwords can contain spaces. The secret used by the C-series Controller must match that used by the server.
[edit system radius-serveraddres
s]user@host#set secret
secret
- (Optional) Specify the amount of time that the C-series Controller waits to receive a response from a RADIUS server.
[edit system radius-serveraddres
s]user@host#set timeout
timeout
By default, the C-series Controller waits 3 seconds. You can change the timeout to a value from 1 through 90 seconds.
- Specify the number of times that the C-series Controller attempts to contact a RADIUS authentication server.
[edit system radius-serveraddres
s]user@host#set retry
retry
By default, the C-series Controller retry property is set to 3 times. You can change the retry value to a number from 1 through 10 times.
To configure a set of users that share a single account for authorization purposes, you create a template user. See Configuring Template Accounts for RADIUS and TACACS+ Authentication with the SRC CLI.