- Administrative Security Guide
- IKEv2 Support
- RADIUS Authentication
- Configuring RADIUS Authentication
- Configure a RADIUS Server
Configure a RADIUS Server
- Access the
radius-servers configuration element.
ORACLE# configure terminal ORACLE(configure)# security ORACLE(security)# authentication ORACLE(authentication)# radius-servers ORACLE(radius-servers)#
- state—Set the
operational state of this RADIUS authentication server.
Retain the default value, enabled, to identify this RADIUS authentication server as operational. Use disabled to place this RADIUS authentication server in a non-operational mode.
- authentication-methods—Specify
the authentication methods supported by this RADIUS authentication server.
Valid values are:
- pap
- chap
- mschapv2
- eap
- all
- address—Specify the IP address of this RADIUS authentication server.
- port—Specify the
remote port monitored for RADIUS authentication requests.
Valid values are:
- 1645
- 1812
- realm-id—Identify the realm that provides transport services to this RADIUS authentication server.
- secret—Specify the shared secret between the Oracle Communications Session Border Controller and this RADIUS authentication server.
- nas-id—Provide a
string that uniquely identifies the
OCSBC to this RADIUS
authentication server.
For example:
ORACLE(radius-servers)# nas-id nas-id-170-30-0-1 ORACLE(radius-servers)#
- retry-limit—Specify
the number of times the
OCSBC retransmits an
unacknowledged authentication request to this RADIUS authentication server.
- Min: 1
- Max: 5
- retry-time—Specify
the interval (in seconds) between unacknowledged authentication requests.
- Min: 5
- Max: 10
- dead-time—Specify
the length (in seconds) of the quarantine period imposed an unresponsive RADIUS
authentication server.
- Min: 10
- Max: 10000
- maximum-sessions—Specify
the maximum number of outstanding sessions for this RADIUS authentication
server.
- Min: 1
- Max: 255
- class—Select the
RADIUS authentication server class, either primary or secondary.
The OCSBC tries to initiate contact with primary RADIUS authentication servers first, and only turns to secondary RADIUS authentication servers if no primaries are available.
If more than one RADIUS authentication server is designated as primary, the OCSBC uses a round-robin strategy to distribute authentication requests among available primaries.
- Type done to save your configuration.
- If necessary, configure additional RADIUS authentication servers.