1-39
Description
Use the
key
command to set a shared key for RADIUS authentication/authorization messages or
accounting messages.
Use the
undo key
command to restore the corresponding default shared key setting.
By default, no shared key exists.
Note that:
z
Both RADIUS client and server adopt MD5 algorithm to encrypt RADIUS messages before
exchanging the messages with each other.
z
The two parties verify the validity of the RADIUS messages received from each other by using the
shared keys that have been set on them, and can accept and respond to the messages only when
both parties have same shared key.
z
The authentication/authorization shared key and the accounting shared key you set on the switch
must be respectively consistent with the shared key on the authentication/authorization server and
the shared key on the accounting server.
Related commands:
primary accounting
,
primary authentication
,
radius scheme
.
Examples
# Set "hello" as the shared key for RADIUS authentication/authorization messages in RADIUS scheme
radius1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] radius scheme radius1
New Radius scheme
[Sysname-radius-radius1] key authentication hello
# Set "ok" as the shared key for RADIUS accounting messages in RADIUS scheme radius1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] radius scheme radius1
New Radius scheme
[Sysname-radius-radius1] key accounting ok
local-server
Syntax
local-server enable
undo local-server
View
System view
Parameters
None
Summary of Contents for 5500-EI PWR
Page 43: ...2 6...
Page 76: ...1 17...
Page 228: ...ii stp transmit limit 1 44 vlan mapping modulo 1 45 vlan vpn tunnel 1 46...
Page 477: ...5 24 Sysname vlan 2 Sysname vlan2 service type multicast...
Page 503: ...2 3 System View return to User View with Ctrl Z Sysname dot1x url http 192 168 19 23...
Page 519: ...iii...
Page 597: ...2 2 security policy server 192 168 0 1 user name format without domain...
Page 648: ...1 9 Examples Clear static ARP entries Sysname reset arp static...
Page 663: ...4 3 Sysname resilient arp interface vlan interface 2...
Page 767: ...1 28 From 12 00 Jan 1 2008 to 12 00 Jun 1 2008...
Page 1111: ...ii xmodem get 3 18...
Page 1314: ...A 44 Z...