#9 Viper_SC_Manual_001-5008-000_Rev12e.docx | Page 64
User access can be configured independently for Command Shell and HTTP and FTP Servers. In the following descriptions,
the HTTP interface is used as an example but they also apply to the FTP and command shell interfaces.
― Local. Authentication is done locally, i.e. within the Viper device. Example: when accessing the HTTP server, check the
user credentials against username and password stored in the unit. The user will not be able to access the HTTP server
unless proper credentials are provided. Local authentication is currently performed on the password only.
― Radius & Local. When accessing the HTTP server, check the user credentials against username and password stored in
the unit. If the username and password fail to match local credentials, check for a match against the RADIUS server
credential database.
― RADIUS. When accessing the HTTP server, check the user credentials against the RADIUS server. If the user credentials
fail to match with the RADIUS server, access to the HTTP server is denied.
In order for Radius authentication to work, Client settings must be properly configured.
4.5.2.1.2 DEVICE AUTHENTICATION
Figure 52 illustrates device authentication using Radius with a Viper Network. In this example, VPN Client 2 requests a
secure tunnel. The VPN server initiates a RADIUS transaction to authenticate Client 2 using its MAC address as a username
and password. The tunnel is created only if the RADIUS server responds with an authentication grant.
Figure 52 – Device Authentication
To utilize Device Authentication, your network must use the following configuration parameters: The master device (Viper
1) must have Device Authentication: Enabled, and must be configured as Access Point (4.3.1) and VPN Server (Security
VPN). All remote devices (Vipers 2-4) must have VPN Module: Enabled and be configured as VPN Clients. (Security VPN).
4.5.2.2 CLIENT
To Next Page
Loading...
Need help?
General
