radius-server testuser

Function

The radius-server testuser command enables the automatic detection function and configures an automatic detection account.

The undo radius-server testuser command restores the default settings.

By default, the automatic detection function is disabled.

Format

radius-server testuser username user-name password cipher password

undo radius-server testuser

Parameters

Parameter	Description	Value
username user-name	Specifies a user name used for automatic detection.	The value is a string of 1 to 253 case-sensitive characters. If the user name contains spaces, you must enclose the name with double quotation marks ("), for example, "user for test".
password cipher password	Specifies the user password for automatic detection.	The value is a character string of 1 to 128 characters without spaces and question marks. It is case sensitive. If it is in cipher text, the password is a string of 48, 68, 88, 108, 128, 148, 168, or 188 characters.

Views

RADIUS server template view

Default Level

3: Management level

Usage Guidelines

After the RADIUS server status is set to Down, you can configure the automatic detection function to test the RADIUS server reachability.

For the automatic status detection function, only the automatic detection user name and password need to be configured in the RADIUS server template on the device, and the automatic detection account does not need to be configured on the RADIUS server. Authentication success is not mandatory. If the device can receive the authentication failure response packet, the RADIUS server is properly working and the device sets the RADIUS server status to Up. If the device cannot receive the response packet, the RADIUS server is unavailable and the device sets the RADIUS server status to Down.

Automatic detection is classified into the following types according to differences of the RADIUS server status:

Down: By default, a device automatically detects only RADIUS servers in Down status. After the RADIUS server status is set to Down and the automatic detection interval expires, the device sends detection packets to the RADIUS server. If the device receives packets from the RADIUS server within the timeout period for detection packets, the device sets the RADIUS server status to Up; otherwise, the RADIUS server status remains Down.
Up: You can also enable automatic detection for RADIUS servers in Up status through a command on a device. After the automatic detection interval expires, the device sends detection packets to RADIUS servers. If conditions for setting the RADIUS server status to Down are met, the device sets the RADIUS server status to Down.

On a large-scale network, you are not advised to enable automatic detection for RADIUS servers in Up status. This is because if automatic detection is enabled on multiple NAS devices, the RADIUS server periodically receives a large number of detection packets when processing RADIUS Access-Request packets source from users, which may deteriorate processing performance of the RADIUS server.
Force-up: After setting the RADIUS server status to Force-up and automatic detection is enabled, the device immediately sends a detection packet. If the device receives a packet from the RADIUS server within the timeout period, the device sets the RADIUS server status to Up; otherwise, the device sets the RADIUS server status to Down.

You can run the radius-server detect-server timeout command to configure the timeout period for detection packets.

Example

# Create a user account with the user name test and password Huawei@2012 in RADIUS server template acs.

<HUAWEI> system-view
[HUAWEI] radius-server template acs
[HUAWEI-radius-acs] radius-server testuser username test password cipher Huawei@2012