# Configuring RADIUS ## Configuring RADIUS ​RADIUS is commonly used in enterprise and service provider networks to authenticate and authorize users before granting them access to network services. In SONiC NOS, RADIUS is supported to achieve a crucial role in securing and managing network access by providing a centralized authentication, authorization, and accounting framework. SONiC switch performs a Client - network access server (NAS) role. {% hint style="info" %} RADIUS is not supported on these platforms: EdgeCore AS5812 & EdgeCore AS7712 {% endhint %} ## **Global Level:** ### **Reference** | Command | \[no] radius \[auth-type <\ default pap>] \[nasip ] \[key ] \[source-ip ] \[retransmit ] \[timeout ] | | ----------- | ------------------------------------------------------------------------------------------------------------------------- | | Description | Configure RADIUS | | Parameters | auth-type, nasip, key, source-ip, retransmit, timeout | | Mode | CONFIG | #### **Example** ``` pbnoscli(config)# radius auth-type Authentication type, default pap key Add key nasip NAS IP address retransmit Number of retries, default 3 source-ip source ip address timeout Transmission timeout interval <1-60>, default 5 pbnoscli(config)# radius timeout 60 pbnoscli(config)# radius source-ip 10.4.4.52 pbnoscli(config)# radius key testing123 pbnoscli(config)# end ``` ​​You can verify the configuration by using the command(s) below: ``` pbnoscli# show radius RADIUS global auth_type pap RADIUS global passkey ***** RADIUS global timeout 5 RADIUS global nasip (Default) RADIUS global source-ip 10.4.4.52 RADIUS global retransmit 3 =========================================================================================================================================== IP Auth_type Passkey Auth-port Priority source-intf retransmit Timeout =========================================================================================================================================== 10.4.4.11 pap N/A 1812 1 N/A 3 5 pbnoscli# ``` ## **Server Level** ### **Reference** | Command | \[no] radius-server host key \[auth-type \ default pap] \[auth-port \] \[priority \] source-intf \[retransmit ] \[timeout ] | | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Description | Configure RADIUS | | Parameters | auth-type, auth-port, priority,source-interface, retransmit, timeout | | Mode | CONFIG | #### **Example** ``` pbnoscli# configure terminal pbnoscli(config)# radius host Add host pbnoscli(config)# radius-server host A.B.C.D A:B::C:D pbnoscli(config)# radius-server host 10.4.4.11 ``` You can verify the configuration by using the command(s) below: ``` pbnoscli# show radius 10.4.4.11 RADIUS global auth_type pap RADIUS global passkey ***** RADIUS global timeout 5 RADIUS global nasip (Default) RADIUS global source-ip 10.4.4.52 RADIUS global retransmit 3 =========================================================================================================================================== IP Auth_type Passkey Auth-port Priority source-intf retransmit Timeout =========================================================================================================================================== 10.4.4.11 pap N/A 1812 1 N/A 3 5 pbnoscli# ```