SRC-PE Release 1.0.x Getting Started Guide > Authenticating Users on a C-series Platform > Configuring RADIUS Authentication

Configuring RADIUS Authentication

Use the following configuration statements to configure information about one or more RADIUS servers on the network at the [edit] hierarchy level:

system radius-server address {

    port port; 

    secret secret ; 

    timeout timeout;

    retry retry ; 

}

To configure information about RADIUS servers for authentication:

1. From configuration mode, access the configuration statement that adds a RADIUS server.

[edit]

user@host# edit system radius-server address

2. Specify a port number on which to contact the RADIUS server.

[edit system radius-server address]

user@host#     set port port 

By default, port number 1812 is used as specified in RFC 2865—Remote Authentication Dial In User Service (RADIUS) (June 2000).

3. Specify a password. Passwords can contain spaces. The secret used by the C-series platform must match that used by the server.

[edit system radius-server address]

user@host#     set secret secret

4. (Optional) Specify the amount of time that the C-series platform waits to receive a response from a RADIUS server.

[edit system radius-server address]

user@host#     set timeout timeout

By default, the C-series platform waits 3 seconds. You can change the timeout to a value from 1 through 90 seconds.

5. Specify the number of times that the C-series platform attempts to contact a RADIUS authentication server.

[edit system radius-server address]

user@host#     set retry retry

By default, the C-series platform retry property is set to 3 times. You can change the retry value to a number from 1 through 10 times.

To configure a set of users that share a single account for authorization purposes, you create a template user. See Configuring Template Accounts for RADIUS and TACACS+ Authentication.