Configuring UDP Ports
The transaction-based RADIUS protocol uses two UDP ports: one for authentication packets and one for accounting packets. The ports must be configured on two sides: the Merit AAA server and the RADIUS clients (SDX application and E-series router).
The officially assigned UDP port numbers are:
- 1812 for authentication
- 1813 for accounting
Early deployments of RADIUS used 1645/udp for authentication packets and 1646/udp for accounting packets.
The Merit AAA RADIUS server uses the latter ports by default, whereas the E-series router uses the official ports by default.
There are two possible ways to change these settings:
- You can change these defaults by editing your copy of the /etc/services file to contain two entries for RADIUS authentication and accounting service that specify the ports you wish to use. Add the following two lines to the /etc/services file:
- radius 1812/udp # RADIUS Authentication
- radacct 1813/udp # RADIUS Accounting
- You can override all default and configured values at server start-up with the radiusd -p and radiusd -q command line options. The SDX application installs the Merit AAA server with a start script, called rad, which uses ports 1812 and 1813 for authentication and accounting (see next section).