Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

VRF support for RADIUS authentication

An overview of VRF support for RADIUS authentication and configuration examples.

RADIUS must run on a single routing instance. If you configure a RADIUS server without specifying the routing instance, the RADIUS server starts in the default routing instance. If you specify a nondefault routing instance, you must verify that all servers configured for AAA with the RADIUS server are accessible by way of the same routing instance.

The following examples show excerpts of RADIUS configurations that use these values:
  • routing instance = BLUE
  • radius-server-address = 42.42.42.42
  • secret-code = secured
  • port-no = 1820
  • timeout = 2
The following example shows how to configure RADIUS for the default routing instance.
vyatta@R1# set system login radius-server 42.42.42.42
vyatta@R1# set system login radius-server 42.42.42.42 secret secured
vyatta@R1# set system login radius-server 42.42.42.42 port 1820
vyatta@R1# set system login radius-server 42.42.42.42 timeout 2
vyatta@R1# commit
vyatta@R1# run show configuration 
system {
        login {
                radius-server 42.42.42.42 {
                        secret secured
                        port 1820
                        timeout 2
                }
        }
}

The following example shows the same configuration sequence for the BLUE routing instance.

vyatta@R1# set routing routing-instance BLUE system login radius-server 42.42.42.42
vyatta@R1# set routing routing-instance BLUE system login radius-server 42.42.42.42 secret secured
vyatta@R1# set routing routing-instance BLUE system login radius-server 42.42.42.42 port 1820
vyatta@R1# set routing routing-instance BLUE system login radius-server 42.42.42.42 timeout 2
vyatta@R1# commit
vyatta@R1# run show configuration 
vyatta@R1# routing {
        routing-instance BLUE {
                system {
                        login {
                                radius-server 42.42.42.42 {
                                        secret secured
                                        port 1820
                                        timeout 2
                                }
                        }
                }
        }
}

For more information about RADIUS and configuring RADIUS, see Ciena Vyatta Network OS Basic System Configuration Guide.