The radius-server session-manage command enables session management on the RADIUS server.
The undo radius-server session-manage command disables session management on the RADIUS server.
By default, session management is disabled on the RADIUS server.
radius-server session-manage { ip-address [ vpn-instance vpn-instance-name ] shared-key cipher share-key | any }
undo radius-server session-manage [ ip-address [ vpn-instance vpn-instance-name ] | all ]
Parameter |
Description |
Value |
|---|---|---|
| ip-address | Specifies the IP address of the RADIUS session management server. |
The value is in dotted decimal notation. |
| vpn-instance vpn-instance-name | Specifies the name of the VPN instance bound to the RADIUS session management server. |
The value must be the name of an existing VPN instance. |
| shared-key cipher share-key | Specifies the shared key of the RADIUS session management server. |
The value is a string of case-sensitive characters without spaces, and question marks. share-key can be a string of 1-128 characters in plain text or a string of 48, 68, 88, 108, 128, 148, 168, or 188 characters in cipher text. |
| any | Indicates that no RADIUS session management server is specified. |
- |
| all | Deletes all RADIUS session management servers. |
- |
Usage Scenario
To improve device security, run this command to enable session management on the RADIUS server. After this function is enabled, the device checks the source IP addresses and shared keys for the received session management packets. When the source IP addresses and shared keys match the configured values, the packets are processed; otherwise, the packets are discarded.
Precautions