Dell Command Line Reference Guide for the S4048–ON System 9.14.2.5

PDF

radius-server host

Configure a RADIUS server host.

Syntax
radius-server host {hostname | ipv4-address | ipv6-address} [auth-port port-number] [acct-port port-number] [retransmit retries] [timeout seconds] [key [encryption-type] key]
Parameters
hostname
Enter the name of the RADIUS server host.
ipv4-address | ipv6-address
Enter the IPv4 address (A.B.C.D) or IPv6 address (X:X:X:X::X) of the RADIUS server host.
auth-port port-number
(OPTIONAL) Enter the keywords auth-port then a number as the port number. The range is from zero (0) to 65535. The default port-number is 1812.
acct-port port-number
(OPTIONAL) Enter the keywords acct-port then a number as the port number. The range is from 1 to 65535. The default port-number is 1813.
retransmit retries
(OPTIONAL) Enter the keyword retransmit then a number as the number of attempts. This parameter overwrites the radius-server retransmit command. The range is from zero (0) to 100. The default is 3 attempts.
timeout seconds
(OPTIONAL) Enter the keyword timeout then the seconds the time interval the switch waits for a reply from the RADIUS server. This parameter overwrites the radius-server timeout command. The range is from 0 to 1000. The default is 5 seconds.
key [encryption-type] key

(OPTIONAL) Enter the keyword key then an optional encryption-type and a string up to 42 characters long as the authentication key. The RADIUS host server uses this authentication key and the RADIUS daemon operating on this switch.

For the encryption-type, enter either zero (0) or 7 as the encryption type for the key entered. The options are:
  • 0 is the default and means the password is not encrypted and stored as clear text.
  • 7 means that the password is encrypted and hidden.

Configure this parameter last because leading spaces are ignored.

Defaults
Not configured.
Command Modes
  • RADIUS SERVER GROUP
  • CONFIGURATION
Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC Networking OS Command Line Reference Guide.

Version
Description
9.14(1.5)
Added support for RADIUS accounting.
9.11(0.0)
Included a prompt to force the users to re-authenticate when there is a change in the RADIUS server list.
9.10(0.1)
Introduced on the S6010-ON and S4048T-ON.
9.10(0.0)
Introduced on the S3148.
9.10(0.0)
Introduced on the S6100-ON.
9.8(2.0)
Introduced on the S3100 series.
9.8(1.0)
Introduced on the Z9100-ON.
9.8(0.0P5)
Introduced on the S4048-ON.
9.8(0.0P2)
Introduced on the S3048-ON.
9.7(0.0)
Introduced on the S6000–ON.
9.2(1.0)
Introduced on the Z9500.
9.0.2.0
Introduced on the S6000.
8.3.19.0
Introduced on the S4820T.
8.3.11.1
Introduced on the Z9000.
8.4.1.0
Added support for IPv6.
8.3.7.0
Introduced on the S4810.
7.7.1.0
Authentication key length increased to 42 characters.
7.6.1.0
Introduced on the S-Series.
7.5.1.0
Introduced on the C-Series.
pre-6.2.1.0
Introduced on the E-Series.
Usage Information

To configure any number of RADIUS server hosts for each server host that is configured, use this command. Dell EMC Networking OS searches for the RADIUS hosts in the order they are configured in the software.

The global default values for the timeout, retransmit, and key optional parameters are applied, unless those values are specified in the radius-server host or other commands. To return to the global default values, if you configure the timeout, retransmit, or key values, include those keywords when using the no radius-server host command syntax.

You can use duplicate host names or IP addresses among RADIUS groups. However, you cannot use duplicate host names or IP addresses within the same RADIUS group. If a VRF is not configured on the RADIUS group, then servers configured in the group are considered to be on the default VRF. RADIUS servers that are configured in the CONFIGURATION mode are also considered to be on the default VRF.

You must configure the RADIUS group explicitly with the aaa radius group command in order for the AAA servers to use the group of RADIUS servers. The 802.1x servers use the group of RADIUS servers based on the VRF where the 802.1x request is received. As a result, it is possible that both globally configured RADIUS servers as well as the group-configured RADIUS servers (without VRF or default VRF) are used for processing the 802.1x requests that are received at the default VRF. The order in which the RADIUS servers are tried depends on the order in which the RADIUS servers are configured.

The RADIUS accounting port acct-port port-number is configurable.

Example
DellEMC(config)#radius-server host 192.100.0.12 
Force all logged-in users to re-authenticate (y/n)?
DellEMC(config)#no radius-server host 192.100.0.12 
Force all logged-in users to re-authenticate (y/n)?
Related Commands

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\