[x]

RADIUS commands > display radius scheme

 

 Next

display radius scheme

Use display radius scheme to display RADIUS scheme configuration.

Syntax

display radius scheme [ radius-scheme-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive string of 1 to 32 characters. If you do not specify a RADIUS scheme, this command displays the configuration of all RADIUS schemes.

Examples

# Display the configuration of all RADIUS schemes.

<Sysname> display radius scheme
Total 1 RADIUS schemes

------------------------------------------------------------------
RADIUS scheme name: radius1
  Index : 0
  Primary authentication server:
    Host name: Not configured
    IP   : 2.2.2.2                                  Port: 1812
    VPN  : vpn1
    State: Active
    Test profile: 132
      Probe username: test
      Probe interval: 60 minutes
    Weight: 40
  Primary accounting server:
    Host name: Not configured
    IP   : 1.1.1.1                                  Port: 1813
    VPN  : Not configured
    State: Active
    Weight: 40
  Second authentication server:
    Host name: Not configured
    IP   : 3.3.3.3                                  Port: 1812
    VPN  : Not configured
    State: Block
    Test profile: Not configured
    Weight: 40
  Second accounting server:
    Host name: Not configured
    IP   : 3.3.3.3                                  Port: 1813
    VPN  : Not configured
    State: Block (Mandatory)
    Weight: 0
  Accounting-On function                     : Enabled
    extended function                        : Disabled
    retransmission times                     : 5
    retransmission interval(seconds)         : 2
  Timeout Interval(seconds)                  : 3
  Retransmission Times                       : 3
  Retransmission Times for Accounting Update : 5
  Server Quiet Period(minutes)               : 5
  Realtime Accounting Interval(seconds)      : 22 
  Stop-accounting packets buffering          : Enabled
    Retransmission times                     : 500
  NAS IP Address                             : 1.1.1.1
  VPN                                        : Not configured
  User Name Format                           : with-domain
  Data flow unit                             : Megabyte
  Packet unit                                : One
  Attribute 15 check-mode                    : Strict
  Attribute 25                               : CAR
  Attribute Remanent-Volume unit             : Mega
  server-load-sharing                        : Enabled
  Attribute 31 MAC format                    : hh:hh:hh:hh:hh:hh
  Stop-accounting-packet send-force          : Disabled
------------------------------------------------------------------

Table 4: Command output

Field

Description

Index

Index number of the RADIUS scheme.

Primary authentication server

Information about the primary authentication server.

Primary accounting server

Information about the primary accounting server.

Second authentication server

Information about the secondary authentication server.

Second accounting server

Information about the secondary accounting server.

Host name

Host name of the server.

This field displays Not configured in the following situations:

  • The server is not configured.

  • The server is specified by IP address.

IP

IP address of the server.

This field displays Not configured in the following situations:

  • The server is not configured.

  • The server is specified by hostname, and the hostname is not resolved.

Port

Service port number of the server. If no port number is specified, this field displays the default port number.

VPN

MPLS L3VPN instance to which the server or the RADIUS scheme belongs. If no VPN instance is specified for the server, this field displays Not configured.

State

Status of the server:

  • Active—The server is in active state.

  • Block—The server is changed to blocked state automatically.

  • Block (Mandatory)—The server is set to blocked state manually.

Test profile

Test profile used for RADIUS server status detection.

Probe username

Username used for RADIUS server status detection.

Probe interval

Server status detection interval, in minutes.

Weight

Weight value of the RADIUS server.

Accounting-On function

Whether the accounting-on feature is enabled.

extended function

This field is not supported in the current software version.

Whether the extended accounting-on feature is enabled.

retransmission times

Number of accounting-on packet transmission attempts.

retransmission interval(seconds)

Interval at which the device retransmits accounting-on packets, in seconds.

Timeout Interval(seconds)

RADIUS server response timeout period, in seconds.

Retransmission times

Maximum number of attempts for transmitting a RADIUS packet to a single RADIUS server.

Retransmission Times for Accounting Update

Maximum number of accounting attempts.

Server Quiet Period(minutes)

Quiet period for the servers, in minutes.

Realtime Accounting Interval(seconds)

Interval for sending real-time accounting updates, in seconds.

Stop-accounting packets buffering

Whether buffering of nonresponded RADIUS stop-accounting requests is enabled.

Retransmission times

Maximum number of transmission attempts for individual RADIUS stop-accounting requests.

NAS IP Address

Source IP address for outgoing RADIUS packets.

User Name Format

Format for the usernames sent to the RADIUS server:

  • with-domain—Includes the domain name.

  • without-domain—Excludes the domain name.

  • keep-original—Forwards the username as the username is entered.

Data flow unit

Measurement unit for data flow.

Packet unit

Measurement unit for packets.

Attribute 15 check-mode

RADIUS Login-Service attribute check method for SSH, FTP, and terminal users:

  • Strict—Matches Login-Service attribute values 50, 51, and 52 for SSH, FTP, and terminal services, respectively.

  • Loose—Matches the standard Login-Service attribute value 0 for SSH, FTP, and terminal services.

Attribute 25

RADIUS attribute 25 interpretation status:

  • Standard—The attribute is not interpreted as CAR parameters.

  • CAR—The attribute is interpreted as CAR parameters.

Attribute Remanent-Volume unit

Data measurement unit for the RADIUS Remanent_Volume attribute.

server-load-sharing

Status of the RADIUS server load sharing feature:

  • Disabled—The feature is disabled. The device forwards traffic to the server selected based on primary and secondary server roles.

  • Enabled—The feature is enabled. The device distributes traffic among multiple servers for load sharing.

Attribute 31 MAC format

MAC address format for RADIUS attribute 31.

Stop-accounting-packet send-force

Whether the device is enabled to forcibly send stop-accounting packets when users for which no start-accounting packets are sent go offline.

prev

 

up

 next

data-flow-format (RADIUS scheme view) 

home

 display radius statistics

© Copyright 2018 Hewlett Packard Enterprise Development LP