Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Configuring a system for a RADIUS authentication server

This section provides a sample configuration of a vRouter for a RADIUS authentication server, as shown in the following figure.

Figure 1. Configuration of a RADIUS authentication server

The example shows how to define a RADIUS authentication server at the 10.10.30.23 IP address. The system is to access the RADIUS server by using a secret of vX87ssd9Z. Configuring the server address and the secret are the minimal configuration requirements. The port and timeout values can be changed, if required.

Note: Carefully select the shared secret because this secret (string of characters) prevents snooping attacks on passwords. This secret, or key, is used on every packet, so it is important to choose a key that makes brute-force attacks more difficult; this key should be harder to guess than any password on the system.

To define this RADIUS authentication server, perform the following steps in configuration mode.

Table 1. Configuring a system for a RADIUS authentication server
Step Command

Provide the location of the server and the secret to be used to access it.

vyatta@R1# set system login radius-server 10.10.30.23 secret vX87ssd9Z

Commit the change.

vyatta@R1# commit

Save the configuration so that the changes persist after reboot.

vyatta@R1# save

Saving configuration to '/config/config.boot'...
Done

Show the contents of the system radius-server configuration node.

vyatta@R1# show system radius-server

radius-server 10.10.30.23 {
    secret vX87ssd9Z
}