User's Manual 1028 Document #: LTRT-10466
Mediant 500L MSBR
Parameter Description
General RADIUS Parameters
Web: Use RADIUS for
Web/Telnet Login
EMS: Web Use Radius Login
CLI: enable-mgmt-login
[WebRADIUSLogin]
Enables RADIUS queries for Web and Telnet login authentication.
When enabled, logging into the device's Web and Telnet embedded
servers is done through a RADIUS server. The device
communicates with a user-defined RADIUS server and verifies the
given username and password against a remote database, in a
secure manner.
[0] Disable (default)
[1] Enable
Notes:
For RADIUS login authentication to function, you also need to set
the following parameters:
EnableRADIUS = 1 (Enable)
WebAuthMode = 0 (Basic Mode)
RADIUS authentication requires HTTP basic authentication,
where the username and password are transmitted in clear text
over the network. Therefore, it's recommended to set the
HTTPSOnly parameter to 1 to force the use of HTTPS, since the
Web: RADIUS Authentication
Server IP Address
EMS: RADIUS Auth Server IP
CLI: auth-server-ip
[RADIUSAuthServerIP]
Defines the IP address of the RADIUS authentication server.
Note: For this parameter to take effect, a device reset is required.
Web: RADIUS Authentication
Server Port
EMS: RADIUS Auth Server
Port
CLI: auth-server-port
[RADIUSAuthPort]
Defines the port of the RADIUS authentication server.
Note: For this parameter to take effect, a device reset is required.
Web: RADIUS Shared Secret
EMS: RADIUS Auth Server
Secret
CLI: shared-secret
[SharedSecret]
Defines the 'secret' used to authenticate the device to the RADIUS
server. This should be a cryptically strong password.
RADIUS Authentication Parameters
Web: Password Local Cache
Mode
CLI: local-cache-mode
[RadiusLocalCacheMode]
Defines the device's mode of operation regarding the timer
(configured by the parameter RadiusLocalCacheTimeout) that
determines the validity of the username and password (verified by
the RADIUS server).
[0] Absolute Expiry Timer = When you access a Web page, the
timeout doesn't reset, instead it continues decreasing.
[1] Reset Timer Upon Access = (Default) Upon each access to a
Web page, the timeout always resets (reverts to the initial value
configured by RadiusLocalCacheTimeout).
Web: Password Local Cache
Timeout
CLI: local-cache-timeout
[RadiusLocalCacheTimeout]
Defines the time (in seconds) the locally stored username and
password (verified by the RADIUS server) are valid. When this time
expires, the username and password become invalid and a must be
re-verified with the RADIUS server.
The valid range is 1 to 0xFFFFFF. The default is 300 (5 minutes).
To Next Page
Loading...
