RADIUS Commands
  • 10 Jul 2024
  • 4 Minutes to read
  • Contributors
  • PDF

RADIUS Commands

  • PDF

Article summary

RADIUS (Remote Authentication Dial-In User Service) CLI commands are categorized as follows:

Configuration Command

This section includes the RADIUS configuration command.

radius-server host

Command Objective:
This command configures the RADIUS client with the parameters (host, timeout, key, retransmit).


Note: The maximum number of radius servers that can be configured is 5.

The no form of the command deletes the RADIUS server configuration.

Syntax:
radius-server host {ipv4-address | ipv6-address | < dns_host_name >} [auth-port < integer(1-65535) >] [acct-port < integer(1-65535) >] [timeout <1-120>] [retransmit < 1-254 >] [key < secret-key-string >] [primary]

no radius-server host {ipv4-address | ipv6-address | < dns_host_name >} [primary]

Parameter Description:

  • ipv4-address - Configures the IPv4 address of the RADIUS server host.
  • ipv6-address - Configures the IPv6 address of the RADIUS server host.
  • < dns_host_name >- Configures the DNS (Domain Name System) name of the RADIUS server host. This value is a string of maximum size 255.
  • auth-port < integer(1-65535) > - Configures a specific UDP (User Datagram Protocol) destination port on this RADIUS server to be used solely for authentication requests. This value ranges from 1 to 65535.
  • acct-port < integer(1-65535) > - Configures a specific UDP destination port on this RADIUS to be solely used for accounting requests. This value ranges from 1 to 65535.
  • timeout <1-120 > - Configures the time period in seconds for which a client waits for a response from the server before re-ransmitting the request. This value ranges from 1 to 120 seconds.
  • retransmit <1-254 > - Configures the maximum number of attempts to be tried by a client to get response from the server for a request. The value number of retransmit attempts ranges between 1 and 254
  • key < secret-key-string > - Configures the per-server encryption key which specifies the authentication and encryption key for all RADIUS communications between the authenticator and the RADIUS server. This value is a string of maximum size 46. If the key value is not configured, then the default key "AltranRADIUS" will be used.
  • primary - Sets the RADIUS server as the primary server. Only one server can be configured as the primary server, any existing primary server will be replaced when the command is executed with this option.

Mode:
Global Configuration Mode

Default:
timeout - 10 seconds
retransmit - 3 attempts
auth-port - 1812
acct-port - 1813

Example:

Your Product (config)# radius-server host 10.0.0.1 key pass
Your Product (config)# radius-server host host1 
Radius will be configured with the default secret key

Display Commands

This section includes RADIUS display commands.

show radius server

Command Objective:
This command displays RADIUS server Host information which contains, Index, Server address, Shared secret, Radius Server status, Response Time, Maximum Retransmission, Authentication Port, and Accounting Port.

Syntax:
show radius server [{< ucast_addr > | < ip6_addr > | < dns_host_name >}]

Parameter Description:

  • < ucast_addr > - Displays the related information of the specified unicast address of the RADIUS server host.
  • < ip6_addr >- Displays the related information of the specified IPv6 address of the RADIUS server host.
  • < dns_host_name >- Displays the name of the RADIUS server host. This value is a string of a maximum of 255.

Mode:
Privileged EXEC Mode

Example:

Your Product# show radius server
Primary Server           : 2005::33
Radius Server Host Information
------------------------------
Index                    : 1
Server address           : 13.0.0.100
Shared secret            : -
Radius Server Status     : Enabled
Response Time            : 10
Maximum Retransmission   : 3
Authentication Port      : 1812
Accounting Port          : 1813
--------------------------------------------
Index                    : 2
Server address           : 2005::33
Shared secret            : -
Radius Server Status     : Enabled
Response Time            : 10
Maximum Retransmission   : 3
Authentication Port      : 1812
Accounting Port          : 1813
--------------------------------------------
Radius Server Host Information
------------------------------
Index                    : 1
Primary Server           : host1
Shared secret            :
Radius Server Status     : Enabled
Response Time            : 10
Maximum Retransmission   : 3
Authentication Port      : 1812
Accounting Port          : 1813
--------------------------------------------
Your Product # show radius server host1    
Radius Server Host Information
------------------------------
Index                    : 1
Primary Server           : host1
Shared secret            :
Radius Server Status     : Enabled
Response Time            : 10
Maximum Retransmission   : 3
Authentication Port      : 1812
Accounting Port          : 1813
--------------------------------------------

show radius statistics

Command Objective:
This command displays RADIUS Server Statistics for the data transfer between the server and the client from the time of initiation.

Syntax:
show radius statistics

Mode:
Privileged EXEC Mode


Note: This command displays the information only for the servers configured in the TACACS server table.

Example:

Your Product# show radius statistics
Radius Server Statistics
-------------------------
Index                            : 1
UDP port number                  : 1812
Round trip time                  : 0
No of request packets            : 0
No of retransmitted packets      : 0
No of access-accept packets      : 0
No of access-reject packets      : 0
No of access-challenge packets   : 0
No of malformed access responses : 0
No of bad authenticators         : 0
No of pending requests           : 0
No of time outs                  : 0
No of unknown types              : 0
--------------------------------------------
Index                            : 2
Server address                   : 10.0.0.1
UDP port number                  : 1812
Round trip time                  : 0
No of request packets            : 0
No of retransmitted packets      : 0
No of access-accept packets      : 0
No of access-reject packets      : 0
No of access-challenge packets   : 0
No of malformed access responses : 0
No of bad authenticators         : 0
No of pending requests           : 0
No of time outs                  : 0
No of unknown types              : 0
--------------------------------------------

© 2024 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms

For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks



Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.