Avaya Inc. – External Distribution
5. Telnet Password Protection using
RADIUS Authentication
Users who access the Avaya switch or stack through Telnet, serial, or SSHv2 (password
authentication), can be authenticated against a RADIUS server. The ERS 5000, ERS 4500, and
ERS 2500 each support two different user access levels which are read-only and read-write with
support for up to two RADIUS servers. RADIUS attribute type 6, Service-Type, is used to
determine the access level. The following displays the complete list of RADIUS attribute values
for the RADIUS Service-Type attribute where value 6 (Administrative) is used for read-write
access and value 7 (NAS Prompt) is used for read-only access
Sub-registry: Values for RADIUS Attribute 6, Service-Type
Reference: [RFC2865][RFC3575]
Registration Procedures: IETF Consensus
Registry:
Value Description Reference
----- ------------------------------- ---------
1 Login
2 Framed
3 Callback Login
4 Callback Framed
5 Outbound
6 Administrative
7 NAS Prompt
8 Authenticate Only
9 Callback NAS Prompt
10 Call Check
11 Callback Administrative
12 Voice [Chiba]
13 Fax [Chiba]
14 Modem Relay [Chiba]
15 IAPP-Register [IEEE 802.11f][Kerry]
16 IAPP-AP-Check [IEEE 802.11f][Kerry]
17 Authorize Only [RFC3576]
18 Framed-Management [RFC5607]
To add a RADIUS server, enter the following command to view the various configurable options:
ERS-Stackable(config)# radius-server ?
host RADIUS primary host
key RADIUS shared secret
password RADIUS password fallback
port RADIUS UDP port
secondary-host RADIUS secondary host
timeout RADIUS time-out period
To Next Page
Loading...
