Configuring a system for a RADIUS authentication server

This section provides a sample configuration of a vRouter for a RADIUS authentication server, as shown in the following figure.

Figure 1. Configuration of a RADIUS authentication server

The example shows how to define a RADIUS authentication server at the 10.10.30.23 IP address. The system is to access the RADIUS server by using a secret of vX87ssd9Z. Configuring the server address and the secret are the minimal configuration requirements. The port and timeout values can be changed, if required.

Note: Carefully select the shared secret because this secret (string of characters) prevents snooping attacks on passwords. This secret, or key, is used on every packet, so it is important to choose a key that makes brute-force attacks more difficult; this key should be harder to guess than any password on the system.

To define this RADIUS authentication server, perform the following steps in configuration mode.

Table 1. Configuring a system for a RADIUS authentication server
Step	Command
Provide the location of the server and the secret to be used to access it.	`vyatta@R1# set system login radius-server 10.10.30.23 secret vX87ssd9Z`
Commit the change.	`vyatta@R1# commit`
Save the configuration so that the changes persist after reboot.	`vyatta@R1# save Saving configuration to '/config/config.boot'... Done`
Show the contents of the system radius-server configuration node.	`vyatta@R1# show system radius-server radius-server 10.10.30.23 { secret vX87ssd9Z }`

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Configuring a system for a RADIUS authentication server

Helpful Links

Key Resources