nas-ip (RADIUS scheme view)
Syntax
nas-ip { ipv4-address | ipv6 ipv6-address }
undo nas-ip
View
RADIUS scheme view
Default level
2: System level
Parameters
ipv4-address: IPv4 address in dotted decimal notation. It must be an address of the switch and cannot be 0.0.0.0, 255.255.255.255, a class D address, a class E address, or a loopback address.
ipv6 ipv6-address: Specifies an IPv6 address. It must be an address of the switch and must be a unicast address that is neither a loopback address nor a link-local address.
Description
Use nas-ip to specify a source IP address for outgoing RADIUS packets.
Use undo nas-ip to restore the default.
By default, the source IP address of an outgoing RADIUS packet is that configured by the radius nas-ip command in system view. If the radius nas-ip command is not configured, the source IP address is the IP address of the outbound interface.
The source IP address of RADIUS packets that a NAS sends must match the IP address of the NAS that is configured on the RADIUS server. A RADIUS server identifies a NAS by its IP address. Upon receiving a RADIUS packet, a RADIUS server checks whether the source IP address of the packet is the IP address of any managed NAS. If yes, the server processes the packet. If not, the server drops the packet.
The source IP address specified for outgoing RADIUS packets must be of the same IP version as the IP addresses of the RADIUS servers in the RADIUS scheme. Otherwise, the source IP address configuration does not take effect.
A RADIUS scheme can have only one source IP address for outgoing RADIUS packets. If you specify a new source IP address for the same RADIUS scheme, the new one overwrites the old one.
The setting configured by the nas-ip command in RADIUS scheme view is only for the RADIUS scheme, whereas that configured by the radius nas-ip command in system view is for all RADIUS schemes. The setting in RADIUS scheme view takes precedence.
Related commands: radius nas-ip.
Examples
# Set the source IP address for outgoing RADIUS packets to 10.1.1.1.
<Sysname> system-view [Sysname] radius scheme radius1 [Sysname-radius-radius1] nas-ip 10.1.1.1