No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
radius-server testuser

radius-server testuser

Function

The radius-server testuser command enables the automatic detection function and configures an automatic detection account.

The undo radius-server testuser command restores the default settings.

By default, the automatic detection function is disabled.

Format

radius-server testuser username user-name password cipher password

undo radius-server testuser

Parameters

Parameter

Description

Value

username user-name

Specifies a user name used for automatic detection.

The value is a string of 1 to 253 case-sensitive characters. If the user name contains spaces, you must enclose the name with double quotation marks ("), for example, "user for test".

password cipher password

Specifies the user password for automatic detection.

The value is a character string of 1 to 128 characters without spaces and question marks. It is case sensitive. If it is in cipher text, the password is a string of 48, 68, 88, 108, 128, 148, 168, or 188 characters.

Views

RADIUS server template view

Default Level

3: Management level

Usage Guidelines

After the RADIUS server status is set to Down, you can configure the automatic detection function to test the RADIUS server reachability.

For the automatic status detection function, only the automatic detection user name and password need to be configured in the RADIUS server template on the device, and the automatic detection account does not need to be configured on the RADIUS server. Authentication success is not mandatory. If the device can receive the authentication failure response packet, the RADIUS server is properly working and the device sets the RADIUS server status to Up. If the device cannot receive the response packet, the RADIUS server is unavailable and the device sets the RADIUS server status to Down.

In a scenario where user accounts are stored on the third-party server, for example, user accounts are stored on the AD or LDAP server, you are advised to configure automatic detection accounts on the local RADIUS server; otherwise, the server performance deteriorates because the local RADIUS server needs to query accounts through the third-party server.

Automatic detection is classified into the following types according to differences of the RADIUS server status:
  • Down: By default, a device automatically detects only RADIUS servers in Down status. After the RADIUS server status is set to Down and the automatic detection interval expires, the device sends detection packets to the RADIUS server. If the device receives packets from the RADIUS server within the timeout period for detection packets, the device sets the RADIUS server status to Up; otherwise, the RADIUS server status remains Down.
  • Up: You can also enable automatic detection for RADIUS servers in Up status through a command on a device. After the automatic detection interval expires, the device sends detection packets to RADIUS servers. If conditions for setting the RADIUS server status to Down are met, the device sets the RADIUS server status to Down.

    On a large-scale network, you are not advised to enable automatic detection for RADIUS servers in Up status. This is because if automatic detection is enabled on multiple NAS devices, the RADIUS server periodically receives a large number of detection packets when processing RADIUS Access-Request packets source from users, which may deteriorate processing performance of the RADIUS server.

  • Force-up: After setting the RADIUS server status to Force-up and automatic detection is enabled, the device immediately sends a detection packet. If the device receives a packet from the RADIUS server within the timeout period, the device sets the RADIUS server status to Up; otherwise, the device sets the RADIUS server status to Down.

You can run the radius-server detect-server timeout command to configure the timeout period for detection packets.

Example

# Create a user account with the user name test and password Huawei@2012 in RADIUS server template acs.

<Huawei> system-view
[Huawei] radius-server template acs
[Huawei-radius-acs] radius-server testuser username test password cipher Huawei@2012
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 199173

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next