Technical Documentation

Configuring Router Interactions with RADIUS Servers for Subscriber Access

To identify the RADIUS servers that the router can use and to configure how the router interacts with the servers, you include the radius-server statement at the [edit access] hierarchy level. You can specify multiple RADIUS servers on the network.

[edit access]
radius-server server-address {
accounting-port port-number;
port port-number;
retry attempts;
secret password;
source-address source-address;
timeout seconds;
}

The following list describes the radius-server configuration statements:

  • server-address—The address of the RADIUS server to use. To configure more than one RADIUS server, include multiple server-address entries.
  • accounting-port—The RADIUS server accounting port number. The default accounting port number is 1813.
  • port-number—The port number used to contact the RADIUS server. The default is port number 1812.
  • retry—The number of times that the router attempts to contact a RADIUS accounting server. You can configure the router to retry from 1 through 16 times. The default setting is 3 retry attempts.
  • secret—The required secret (password) that the local router passes to the RADIUS client. Secrets can contain spaces.
  • source-address—A source address for the RADIUS server. Each RADIUS request sent to a RADIUS server uses the specified source address. The source address is a valid IPv4 address configured on one of the router interfaces.
  • timeout—The length of time that the local router waits to receive a response from a RADIUS server. By default, the router waits 3 seconds. You can configure the timeout to be from 1 to 90 seconds.

Published: 2009-07-15