EasyManua.ls Logo

Arris C4 - RADIUS Authentication; RADIUS Servers and Server Groups

Arris C4
3180 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Chapter 29: Security
STANDARD Revision 1.0 C4® CMTS Release 8.3 User Guide
© 2016 ARRIS Enterprises LLC. All Rights Reserved. 837
show line [detail]
6. To display the authentication method:
show authentication
RADIUS Authentication
RADIUS is based on the User Datagram Protocol (UDP) protocol. It supports request/response transactions for
authentication and accounting. It supports only MD5-based encryption of transmitted passwords.
Note: The Radius security protocol of the C4/c CMTS does not support accounting.
The Access-Challenge response is not supported. If one is received, it is treated as an Access-Reject response.
RADIUS offers authentication for a variety of user services including login and privilege-level change (e.g., entering enable
mode). If the server rejects a service request, the client drops the connection. Otherwise, the client establishes the service
parameters (e.g., session timeout, idle timeout, privilege level) as directed by the server and initiates the service.
RADIUS Servers and Server Groups
RADIUS uses UDP/IP for all client/server communication and requires MD5-based encryption of any transmitted user
password. A RADIUS client must therefore be provisioned with server-specific parameters such as IP address, port number,
and shared secret. Some network architectures may require multiple servers to ensure reliability. Other architectures may
require independent RADIUS servers or server clusters for each supported AAA function.
The current implementation of RADIUS has the following characteristics:
Configuration information must include the server’s IP addresses, authorization port number, shared secret, timeout
value, and retransmission limit.
The maximum length of the shared secret is 32 bits.
The privilege level is assigned by the server via the Service-Type attribute. Only two levels are allowed:
"Administrative(6)" and "NAS Prompt(7)". Administrative(6) corresponds to CLI privilege level 15 and NAS Prompt(7)
corresponds to privilege level 1.
The C4/c CMTS supports 32 independently configurable RADIUS servers and 16 server groups.
A RADIUS server may be assigned to multiple groups. This facilitates support of backup servers.

Table of Contents

Related product manuals