This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
aaa-radiusParams
The following operations can be performed on “aaa-radiusParams”:
show | unset | set |
show aaa radiusParams
Displays the current RADIUS configuration on the Citrix ADC.
Synopsis
show aaa radiusParams
Arguments
Output
serverIP IP address of your RADIUS server.
serverPort Port number on which the RADIUS server listens for connections.
radKey The key shared between the RADIUS server and clients. Required for allowing the Citrix ADC to communicate with the RADIUS server.
groupAuthName To associate AAA users with an AAA group, use the command
"bind AAA group ... -username ...".
You can bind different policies to each AAA group. Use the command
"bind AAA group ... -policy ..."
authTimeout Maximum number of seconds that the Citrix ADC waits for a response from the RADIUS server.
radNASip The option to send the Citrix ADC’s IP address (NSIP) as the “nasip” (Network Access Server IP) part of the Radius protocol to the server.
radNASid The nasid (Network Access Server ID). If configured, this string will be sent to the RADIUS server as the “nasid” as part of the Radius protocol.
IPAddress IP Address.
radVendorID Vendor ID for RADIUS group extraction.
radAttributeType Attribute type for RADIUS group extraction.
radGroupsPrefix Prefix string that precedes group names within a RADIUS attribute for RADIUS group extraction.
radGroupSeparator Group separator string that delimits group names within a RADIUS attribute for RADIUS group extraction.
passEncoding Enable password encoding in RADIUS packets that the Citrix ADC sends to the RADIUS server.
ipVendorID Vendor ID attribute in the RADIUS response. If the attribute is not vendor-encoded, it is set to 0.
ipAttributeType IP attribute type in the RADIUS response.
accounting The state of the Radius server that will receive accounting messages.
pwdVendorID Vendor ID of the password in the RADIUS response. Used to extract the user password.
pwdAttributeType Attribute type of the Vendor ID in the RADIUS response.
defaultAuthenticationGroup This is the default group that is chosen when the authentication succeeds in addition to extracted groups.
callingstationid Send Calling-Station-ID of the client to the RADIUS server. IP Address of the client is sent as its Calling-Station-ID.
authservRetry Number of retry by the Citrix ADC before getting response from the RADIUS server.
authentication Configure the RADIUS server state to accept or refuse authentication messages.
tunnelEndpointClientIP Send Tunnel Endpoint Client IP address to the RADIUS server.
builtin Indicates that a variable is a built-in (SYSTEM INTERNAL) type.
feature The feature to be checked while applying this config
Example
show aaa radiusparams Configured RADIUS parameters Server IP: 127.0.0.2 Port: 1812 key: secret Timeout: 10 Done
unset aaa radiusParams
Use this command to remove aaa radiusParams settings.Refer to the set aaa radiusParams command for meanings of the arguments.
Synopsis
unset aaa radiusParams [-serverIP] [-serverPort] [-authTimeout] [-radNASip] [-radNASid] [-radVendorID] [-radAttributeType] [-radGroupsPrefix] [-radGroupSeparator] [-passEncoding] [-ipVendorID] [-ipAttributeType] [-accounting] [-pwdVendorID] [-pwdAttributeType] [-defaultAuthenticationGroup] [-callingstationid] [-authservRetry] [-authentication] [-tunnelEndpointClientIP]
set aaa radiusParams
Modifies the global configuration settings for the RADIUS server. The settings that you specify are used for all SSL-VPN virtual servers unless you use authentication policies to create a configuration for a specific SSL-VPN virtual server.
Synopsis
set aaa radiusParams [-serverIP <ip_addr | ipv6_addr | *>] [-serverPort |
DISABLED )] [-radNASid |
OFF )] [-pwdVendorID |
DISABLED )] [-authservRetry |
OFF )] [-tunnelEndpointClientIP ( ENABLED | DISABLED )] |
Arguments
serverIP IP address of your RADIUS server.
serverPort Port number on which the RADIUS server listens for connections. Default value: 1812 Minimum value: 1
authTimeout Maximum number of seconds that the Citrix ADC waits for a response from the RADIUS server. Default value: 3 Minimum value: 1
radKey The key shared between the RADIUS server and clients. Required for allowing the Citrix ADC to communicate with the RADIUS server.
radNASip Send the Citrix ADC IP (NSIP) address to the RADIUS server as the Network Access Server IP (NASIP) part of the Radius protocol.
Possible values: ENABLED, DISABLED
radNASid Send the Network Access Server ID (NASID) for your Citrix ADC to the RADIUS server as the nasid part of the Radius protocol.
radVendorID Vendor ID for RADIUS group extraction. Minimum value: 1
radAttributeType Attribute type for RADIUS group extraction. Minimum value: 1
radGroupsPrefix Prefix string that precedes group names within a RADIUS attribute for RADIUS group extraction.
radGroupSeparator Group separator string that delimits group names within a RADIUS attribute for RADIUS group extraction.
passEncoding Enable password encoding in RADIUS packets that the Citrix ADC sends to the RADIUS server.
Possible values: pap, chap, mschapv1, mschapv2 Default value: mschapv2
ipVendorID Vendor ID attribute in the RADIUS response. If the attribute is not vendor-encoded, it is set to 0. Minimum value: 0
ipAttributeType IP attribute type in the RADIUS response. Minimum value: 1
accounting Configure the RADIUS server state to accept or refuse accounting messages.
Possible values: ON, OFF
pwdVendorID Vendor ID of the password in the RADIUS response. Used to extract the user password. Minimum value: 1
pwdAttributeType Attribute type of the Vendor ID in the RADIUS response. Minimum value: 1
defaultAuthenticationGroup This is the default group that is chosen when the authentication succeeds in addition to extracted groups. Maximum value: 64
callingstationid Send Calling-Station-ID of the client to the RADIUS server. IP Address of the client is sent as its Calling-Station-ID.
Possible values: ENABLED, DISABLED Default value: DISABLED
authservRetry Number of retry by the Citrix ADC before getting response from the RADIUS server. Default value: 3 Minimum value: 1 Maximum value: 10
authentication Configure the RADIUS server state to accept or refuse authentication messages.
Possible values: ON, OFF Default value: ON
tunnelEndpointClientIP Send Tunnel Endpoint Client IP address to the RADIUS server.
Possible values: ENABLED, DISABLED Default value: DISABLED
Example
To configure the default RADIUS parameters: set aaa radiusparams -serverip 192.30.1.2 -radkey sslvpn
Related Commands
Share
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.