radius settings
This command configures various RADIUS settings.
Syntax
(config-system)# radius settings (radius)#
|
Command |
Description |
|---|---|
|
double-decode-url {off|on} |
Enables an additional decoding of authentication credentials that are sent to the RADIUS server via URL. |
|
enable {off|on} |
Enables or disables the RADIUS application. |
|
enable-mgmt-login {off|on} |
Uses RADIUS for authentication of management interface access. |
|
local-cache-mode {0|1} |
Defines the capability to reset the expiry time of the local RADIUS password cache. |
|
local-cache-timeout |
Defines the expiry time, in seconds of the locally stored RADIUS password cache. |
|
nas-id-attribute |
Defines the RADIUS NAS Identifier attribute. |
|
rad-pap-req-msg-auth-tx {off|on} |
Enables the device to always include RADIUS attribute 80 (Message-Authenticator) when it sends RADIUS request messages (Access-Request packets) to the RADIUS server. |
|
rad-req-msg-auth-rx {off|on} |
Enables the requirement of RADIUS attribute 80 (Message-Authenticator) in incoming RADIUS messages from the RADIUS server. |
|
timeout-behavior |
Configures device behavior when RADIUS times out. |
|
vsa-access-level |
Defines the 'Security Access Level' attribute code in the VSA section of the RADIUS packet that the device should relate to. |
|
vsa-vendor-id |
Defines the vendor ID that the device should accept when parsing a RADIUS response packet. |
Command Mode
Privileged User
Example
This example demonstrates configuring VSA vendor ID:
(config-system)# radius settings (radius)# vsa-vendor-id 5003