This command configures the IPv4/IPv6 address or DNS name to use for communicating with the RADIUS server of a selected server type. While configuring the IPv4/IPv6 address or DNS name for the authenticating or accounting servers, you can also configure the deadtime, port number, and server name. If the authenticating and accounting servers are configured without a name, the command uses the Default_RADIUS_Auth_Server and Default_RADIUS_Acct_Server as the default names, respectively. The same name can be configured for more than one authenticating servers and the name should be unique for accounting servers. The RADIUS client allows the configuration of a maximum 32 authenticating and accounting servers.
If you use the auth parameter, the command configures the IPv4/IPv6 address or hostname to use to connect to a RADIUS authentication server. You can configure up to three servers per RADIUS client. If the maximum number of configured servers is reached, the command fails until you remove one of the servers by issuing the no form of the command. If you use the optional port parameter, the command configures the UDP port number to use when connecting to the configured RADIUS server. The port number range is 1 to 65535, with 1812 being the default value. If you use the optional deadtime parameter, the command configures the deadtime to use for the configured RADIUS server. The deadtime value is 0 to 2000 in minutes), with 0 being the default.
To reconfigure a RADIUS authentication server to use the default UDP port, set the port parameter to 1812.
If you use the acct token, the command configures the IPv4/IPv6 address or hostname to use for the RADIUS accounting server. You can only configure one accounting server. If an accounting server is currently configured, use the no form of the command to remove it from the configuration. The IPv4/IPv6 address or hostname you specify must match that of a previously configured accounting server. If you use the optional port parameter, the command configures the UDP port to use when connecting to the RADIUS accounting server. If a port is already configured for the accounting server, the new port replaces the previously configured port. The port must be a value in the range 0 to 65535, with 1813 being the default. If you use the optional deadtime parameter, the command configures the deadtime to use for the configured RADIUS server. The deadtime value is 0 to 2000 (in minutes), with 0 being the default.
To reconfigure a RADIUS accounting server to use the default UDP port, set the port parameter to 1813.
Format | radius server host {auth | acct} {ipaddr | ipv6addr | dnsname} [name servername] [port 0-65535] [deadtime 0-2000] |
Mode | Global Config |
Field | Description |
---|---|
ipaddr | The IP address of the server. |
ipv6addr | The IPv6 address of the server. |
dnsname | The DNS name of the server. |
0-65535 | The port number to use to connect to the specified RADIUS server. |
servername | The alias name to identify the server. |
deadtime | The amount of time to skip a RADIUS server that is not responding to authentication requests. The valid deadtime range is 0 to 2000 minutes |
Example: The following shows an example of the command.
(Switch) (Config) #radius server host acct 192.168.37.60 (Switch) (Config) #radius server host acct 192.168.37.60 port 1813 (Switch) (Config) #radius server host auth 192.168.37.60 name Network1_RS port 1813 (Switch) (Config) #radius server host acct 192.168.37.60 name Network2_RS