RADIUS
type
Command objective: Sets the RADIUS authentication server to internal or external for the specified frequency band.
Syntax: radius {2.4g | 5g} {primary | secondary} type {external | internal}
Parameter description:
- external: Use an external RADIUS server for authentication. See enable server.
- internal: Use the access point's internal RADIUS server. See internal.
Default: External.
Example:
radius 2.4g primary type internal
enable server
Command objective: Turns RADIUS authentication on or off and configures the external server options for the specified frequency band.
Syntax: radius {2.4g | 5g} {primary | secondary} enable server <ipaddress> secret <sharedsecret> authport <port>
Parameter description:
- ipaddress: The IP address of the RADIUS server you want to use.
- sharedsecret: The shared secret for the RADIUS server. Must be between 1 and 99.
- port: The port you want to use for RADIUS authentication. Must be between 1 and 65635.
Default: Port 1812.
Example:
radius 2.4g primary enable server 192.168.2.250 secret P@ssw0rd authport 1813
session_time
Command objective: Sets the Session timeout value for external RADIUS authentication.
Syntax: radius {2.4g | 5g} {primary | secondary} session_time <timeout>
Parameter description:
- timeout: Sets the time, in seconds, before devices must reauthenticate. Must be between 0 and 86400.
Default: 3600
Example:
radius 5g secondary session_time 4800
accounting
Command objective: Turns RADIUS accounting on or off.
Syntax: radius {2.4g | 5g} {primary | secondary} accounting {disable | enable}
Example:
radius 5g primary accounting disable
accounting_port
Command objective: Sets the UDP port you want to use for RADIUS accounting.
Syntax: radius {2.4g | 5g} {primary | secondary} accounting_port <port>
Parameter description:
- port: Set a port between 1 and 65535.
Default: 1813
Example:
radius 2.4g primary accounting_port 1815
accounting_interval
Command objective: Sets the frequency at which RADIUS accounting data is sent to the RADIUS server.
Syntax: radius {2.4g | 5g} {primary | secondary} accounting_interval <time>
Parameter description:
- time: Time, in seconds, at which RADIUS accounting data is sent to the RADIUS server. Must be between 60 and 86400.
Default: 600
Example:
radius 2.4g primary accounting_interval 3600
internal
Command objective: Turns the internal RADIUS server on or off.
Syntax: radius internal {disable | enable}
Default: Disabled.
Example:
radius internal enable
session_timeout
Command objective: Sets the Session timeout value for the access point's internal RADIUS server.
Syntax: radius internal session_timeout <timeout>
Parameter description:
- timeout: Sets the time, in seconds, before devices must reauthenticate. Must be between 0 and 86400.
Default: 3600
Example:
radius internal session_timeout 36000
shared_key
Command objective: Sets the Shared secret value for the access point's internal RADIUS server.
Syntax: radius internal shared_key <sharedsecret>
Parameter description:
- sharedsecret: Enter a shared secret 1 to 99 characters in length.
Example:
radius internal shared_secret P@ssw0rd
termination_action
Command objective: Sets the Session timeout value for the access point's internal RADIUS server.
Syntax: radius internal termination_action {not_reauth | not_send | reauth}
Parameter description:
- not_reauth: The device terminates the session and isn't automatically reauthenticated.
- not_send: No termination-action attribute is sent to the access point.
- reauth: Devices send a RADIUS request to the access point for reauthentication.
Default: not_reauth
Example:
radius internal termination_action reauth
admin
Command objective: Adds or removes users from the internal RADIUS server.
Syntax: radius admin {add <username> <password> | delete {num <number> | all}}
Parameter description:
- username: The username of the user you want to add.
- password: The password of the user you want to add.
- num: The number of the user you want to delete.
-
all: Delete all users from the internal RADIUS server.
Warning
Running the
radius admin delete all
command will delete all users from the internal RADIUS server without confirmation.
Example:
radius admin add jsmith JohnSmith1
show status
Command objective: Shows the RADIUS settings.
Syntax: radius show status
Example:
man$radius show status
~~~~~~~~~~ Commands | Help ~~~~~~~~~~~~~~~~~~
[Enter] | execute command.
? | For Help
man$radius show status
RADIUS Server (2.4 GHz)
Primary RADIUS Server
RADIUS Server IP Address ***.***.***.***
Authentication Port 1812
Shared Secret ********
Session Timeout 3600
Accounting Enable
Accounting Port 1813
Accounting interval 600
Second RADIUS Server
RADIUS Server IP Address
Authentication Port 1812
Shared Secret
Session Timeout 3600
Accounting Enable
Accounting Port 1813
Accounting interval 600
--------------------------------------------------------------------------------
RADIUS Server (5 GHz)
Primary RADIUS Server
RADIUS Server IP Address ***.***.***.***
Authentication Port 1812
Shared Secret ********
Session Timeout 3600
Accounting Disable
Accounting Port 1813
Accounting interval 600
Second RADIUS Server
RADIUS Server IP Address
Authentication Port 1812
Shared Secret
Session Timeout 3600
Accounting Enable
Accounting Port 1813
Accounting interval 600
--------------------------------------------------------------------------------