Huawei SmartAX MA5603T Configuration Manual page 260
Access module
Hide thumbs
Also See for SmartAX MA5603T:
- Hardware description (977 pages) ,
- Hardware description (65 pages)
Table of Contents
Advertisement
SmartAX MA5600T/MA5603T/MA5608T Multi-service
Access Module
Commissioning and Configuration Guide
1.
2.
3.
4.
Step 3 Configure the RADIUS server template.
1.
2.
3.
4.
5.
6.
7.
Issue 01 (2014-04-30)
In the AAA mode, run the accounting-scheme command to add an AAA accounting
scheme.
Run the accounting-mode radius command to configure the accounting mode.
Run the accounting interim interval command to set the interval of real-time accounting.
By default, the interval is 0 minutes, that is, the real-time accounting is not performed.
Run the quit command to return to the AAA mode.
Run the radius-server template command to create an RADIUS server template and enter
the RADIUS server template mode.
Run the radius-server authentication command to configure the IP address and the UDP
port ID of the RADIUS server for authentication.
NOTE
l To guarantee normal communication between the MA5600T/MA5603T/MA5608T and the RADIUS
server, before configuring the IP address and UDP port of the RADIUS server, make sure that the
route between the RADIUS server and the MA5600T/MA5603T/MA5608T is in the normal state.
l Make sure that the configuration of the RADIUS service port of the MA5600T/MA5603T/
MA5608T is consistent with the port configuration of the RADIUS server.
Run the radius-server accounting command to configure the IP address and the UDP port
ID of the RADIUS server for accounting.
Run the radius-server shared-key command to configure the shared key of the RADIUS
server.
NOTE
l The RADIUS client (MA5600T/MA5603T/MA5608T) and the RADIUS server use the MD5
algorithm to encrypt the RADIUS packets. They check the validity of the packets by setting the
encryption key. They can receive the packets from each other and can respond to each other only when
their keys are the same.
l By default, the shared key of the RADIUS server is huawei.
(Optional) Run the radius-server timeout command to set the response timeout time of
the RADIUS server. By default, the timeout time is 5s.
The MA5600T/MA5603T/MA5608T sends the request packets to the RADIUS server. If
the RADIUS server does not respond within the response timeout time, the MA5600T/
MA5603T/MA5608T re-transmits the request packets to the RADIUS to ensure that users
can get corresponding services from the RADIUS server.
(Optional) Run the radius-server retransmit command to set the maximum re-transmit
time of the RADIUS request packets. By default, the maximum re-transmit time is 3.
When the re-transmit time of the RADIUS request packets to a RADIUS server exceeds
the maximum re-transmit time, the MA5600T/MA5603T/MA5608T considers that its
communication with the RADIUS server is interrupted, and therefore transmits the
RADIUS request packets to another RADIUS server.
Run the (undo)radius-server user-name domain-included command to configure the
user name (not) to carry the domain name when transmitted to the RADIUS server. By
default, the user name of the RADIUS server carries the domain name.
l An access user is named in the format of userid@domain-name, and the part after @
is the domain name. The MA5600T/MA5603T/MA5608T classifies a user into a
domain according to the domain name.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
2 Basic Configurations
235
- Quick Links:
- Commissioning Introduction
Hide quick links:
Advertisement
Table of Contents
