Authentication
Page 22 7450 ESS System Mangement Guide
Local Authentication
Local authentication uses user names and passwords to authenticate login attempts. The user
names and passwords are local to each router not to user profiles.
By default, local authentication is enabled. When one or more of the other security methods are
enabled, local authentication is disabled. Local authentication is restored when the other
authentication methods are disabled. Local authentication is attempted if the other authentication
methods fail and local is included in the authentication order password parameters.
Locally, user names and password management information can be configured. This is referred to
as local authentication. Remote security servers such as RADIUS or TACACS+, are not enabled.
RADIUS Authentication
Remote Authentication Dial-In User Service (RADIUS) is a client/server security protocol and
software that enables remote access servers to communicate with a central server to authenticate
dial-in users and authorize access to the requested system or service.
RADIUS allows you to maintain user profiles in a shared central database and provides better
security, allowing a company to set up a policy that can be applied at a single administered
network point.
RADIUS Server Selection
The RADIUS server selection algorithm is used by different applications:
• RADIUS operator management
• RADIUS authentication for Enhanced Subscriber Management
• RADIUS accounting for Enhanced Subscriber Management
• RADIUS PE-discovery
In all these applications, up to 5 RADIUS servers pools (per RADIUS policy, if used) can be
configured.
The RADIUS server selection algorithm can work in 2 modes, either Direct mode or Round-robin
mode.
To Next Page
Loading...
