radius dyn-authorization client
Syntax
radius dyn-authorization client {<IPV4> | <IPV6> | <HOSTNAME>}
[secret-key {plaintext | ciphertext} <PASSKEY>]
[time-window <WIDTH>] [replay-protection {enable|disable}]
[vrf <VRF-NAME>]
no radius dyn-authorization client {<IPV4> | <IPV6> | <HOSTNAME>} [vrf <VRF-NAME>]Description
Configures RADIUS dynamic authorization for the specified client on the specified (or
default) VRF.
The
no form of this command unconfigures RADIUS dynamic authorization for the specified client on the specified (or
default) VRF.
Command context
config
Parameters
<IPV4> | <IPV6> | <HOSTNAME>Specifies the client IPv4 address, IPv6 address, or host name.
secret-key {plaintext | ciphertext} <PASSKEY>Specifies the dynamic authorization server (RADIUS server) shared secret key required for client access. Provide either a plaintext or an encrypted shared-secret passkey. As per RFC 2865, the shared-secret can be a mix of alphanumeric and special characters. Plaintext passkeys are between 1 and 32 alphanumeric and special characters.
time-window <WIDTH>Specifies the width of the synchronization window (in seconds) between the RADIUS dynamic authorization client and the RADIUS dynamic authorization server. Default 300. Range: 1 to 65535.
replay-protection {enable|disable}Enables or disables RADIUS dynamic authorization replay protection for the specified client on the specified (or
default) VRF.vrf <VRF-NAME>Specifies the VRF on which the identified client is connected. When omitted, VRF
defaultis assumed.
Authority
Administrators or local user group members with execution rights for this command.
Examples
Configuring RADIUS dynamic authorization with replay protection for a client on the default VRF:
switch(config)# radius dyn-authorization client 1.1.2.5 replay-protection enable
Configuring RADIUS dynamic authorization with time window and shared secret for a client on the default VRF:
switch(config)# radius dyn-authorization client 1.1.2.7 time-window 8 secret-key sk