[x]

Configuring NQA templates on the NQA client > Configuring the RADIUS template

 

 Next

Configuring the RADIUS template

A feature that uses the RADIUS template performs the RADIUS operation to check the availability of the authentication service on the RADIUS server.

The RADIUS operation authentication workflow is as follows:

  1. The NQA client sends an authentication request (Access-Request) to the RADIUS server. The request includes the username and the user's password. The password has been encrypted by the MD5 algorithm and the shared key.

  2. The RADIUS server authenticates the username and password.

    • If the authentication succeeds, the server sends an Access-Accept packet to the NQA client.

    • If the authentication fails, the server sends an Access-Reject packet to the NQA client.

If the NQA client can receive the Access-Accept packet from the RADIUS server, the authentication service is available on the RADIUS server. Otherwise, the authentication service is not available on the RADIUS server.

Before you configure the RADIUS template, specify a username, password, and shared key on the RADIUS server. For more information about configuring the RADIUS server, see Security Configuration Guide.

To configure the RADIUS template:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Create a RADIUS template and enter its view.

nqa template radius name

By default, no RADIUS templates exist.

3. (Optional.) Specify the destination IP address of the operation.

  • IPv4 address:destination ip ip-address

  • IPv6 address:destination ipv6 ipv6-address

By default, no destination IP address is configured.

4. (Optional.) Specify the destination port number for the operation.

destination port port-number

By default, the destination port number is 1812.

5. Specify a username.

username username

By default, no username is specified.

6. Specify a password.

password { cipher | simple } string

By default, no password is specified.

7. Specify a shared key for secure RADIUS authentication.

key { cipher | simple } string

By default, no shared key is specified for RADIUS authentication.

8. (Optional.) Specify the source IP address for the probe packets.

  • IPv4 address:
    source ip     ip-address

  • IPv6 address:
    source ipv6     ipv6-address

By default, the packets take the primary IP address of the output interface as their source IP address.

The source IP address must be the IP address of a local interface, and the interface must be up. Otherwise, no probe packets can be sent out.

prev

 

up

 next

Configuring the FTP template 

home

 Configuring the SSL template

© Copyright 2017 Hewlett Packard Enterprise Development LP