3: Management & Configuration
Server-1 / Server-2
Host
RADIUS server host-name or IPV4 address.
Port
RADIUS server UDP port to connect to.
Secret
Shared secret for this RADIUS server.
Radius server configuration
When RADIUS authentication is enabled, the unit supports Authentication and Authorization as configured on the
RADIUS server.
2 methods are supported for providing authorizations using standard RADIUS attribute.
If the attribute is not configured then the permissions will be set to:
• If the username exists locally, the local permissions will be assigned to the user.
• If the username does not exist locally, permissions will be set to viewer only.
Callback-Id (id=20)
Provides a fine grained permissions mechanism.
The permissions are the same as those that can be configured locally on the unit. It is a space or coma separated list of
tokens. They can be a mix of either locally defined user permission groups or individual privileges.
Service-Type (id=6)
Provides for full admin privileges if attribute is set to "Administrative-User". Any other value will grant viewer only.
Notes:
- RADIUS assigned permissions cannot be viewed with the CLI or web based interface.
- The permissions tokens are case sensitive.
Configuration examples
Callback-Id = "Admin"
A userid member of the built-in Admin group.
Callback-Id = "Config Firmware Log Management, Users"
A list of individual privileges.
Service-Type = "Administrative-User"
Grant full administration privileges. Same as first example.
To Next Page
Loading...
