security vpn l2tp remote-access authentication radius-server <ipv4> key <key>
Defines a RADIUS server authenticating L2TP VPN remote users.
- ipv4
- Multi-node. The IPv4 address of the RADIUS server. Mandatory if
authentication mode is
radius.
You can define more than one RADIUS server by creating multiple radius-server configuration nodes.
- key
- The password for the RADIUS server. This must be the same as that recorded on the RADIUS server. Mandatory if
authentication mode is
radius.
Supported characters are alphanumeric, space, and special characters. Strings containing spaces must be enclosed in double quotes.
Configuration mode
security {
vpn {
l2tp {
remote-access {
authentication {
radius-server ipv4 {
key key
}
}
}
}
}
}
Use this command to define one or more RADIUS servers for authenticating remote L2TP VPN and the login credentials required to access it.
At least one RADIUS server must be defined if RADIUS is set as the user authentication mode.
RADIUS servers are queried in the order they were configured. If the query to the first RADIUS server times out, the next RADIUS server in the list is queried. If no query is successful, the login attempt fails.
The RADIUS secret is specified in plain text. RADIUS secrets are stored in plain text on the system, and used as part of a cryptographic operation for transferring authentication information securely over the network. When you view RADIUS secrets, they are displayed in plain text.
Use the set form of this command to define a RADIUS server. Note that you cannot use set to change the IP address of a defined server. To change the server's IP address, delete the server and create a new one.
Use the delete form of this command to remove the RADIUS server configuration node or the key. Note that the key is mandatory; if you delete the key, you must configure another one.
Use the show form of this command to display RADIUS server configuration.