EasyManuals Logo

EnerSys Alpha Cordex CXC HP User Manual

EnerSys Alpha Cordex CXC HP
279 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #216 background imageLoading...
Page #216 background image
Cordex®CXCHPControllerSoftwareManual|20-Maintainingthecontroller
20.7.1. RADIUS authentication
RemoteAuthenticationDial-InUserService(RADIUS)isaclient/serverprotocolandsoftwarethat
enablesclientstocommunicatewithacentralservertoauthenticateandauthorizetheiraccesstothe
requestedsystemorservice.ThissectionofthemanualdescribesRADIUSAuthentication,itsfeatures,
andhowtosetupthecontrollerasaRADIUSclient.
Notice: See your RADIUS server documentation for information about setting up the RADIUS
server.
20.7.1.1. RADIUS authentication
TheCordex®CXCHPcontrollercanbeconfiguredtouseaRADIUSservertoremotelyauthenticate
users.Inthiscase,thecontrollerisactingasaRADIUSclient.ARADIUSserver,suchasFreeRADIUS,
mustbeconfiguredseparatelyforremoteauthenticationtoworkcorrectly.
Notice: See your RADIUS server documentation for information about setting up the RADIUS
server.
ThefollowingarefeaturesforusingRADIUSauthentication.
Encryption Protocol: ProvidesencryptedPasswordAuthenticationProtocol(PAP)orChallenge-
HandshakeAuthenticationProtocol(CHAP).
Encrypted RADIUS Shared Secret: Providesasecurelyencrypted,sharedsecretauthentication
ontheRADIUSserver.
Test RADIUS Server Settings: ProvidesanauthenticationrequesttotesttheRADIUSserver
settings.
Network: OperatesontheUserDatagramProtocol(UDP).
How RADIUS Authentication Works
WhentheRemote Authentication Type fieldissettoRADIUS (TACACS+ is disabled) onthecontroller,
theusercredentialsareencrypted,andanauthenticationrequestissenttotheRADIUSServer.When
theRemote Authentication Type fieldissettoNone (RADIUS and TACACS+ are disabled),onlylocal
useraccountscanlogin.
Bydefault,thecontrollerexpectstheRADIUSservertoreturntheuser'sauthenticationusingGroup
Attribute ID 11(Filter-Id).WhenaRADIUSresponseisreceivedfromtheRADIUSserver,thevalueof
attribute"Filter-Id"containsastringGroup Attribute Value thatdefinestheuserrole.Thecontrolleruses
theUserRoleConfigurationtabletomatchthestringreceivedfromtheRADIUSservertoauthenticate
theuser.Iftheuser’sGroup Attribute Value matchesoneoftheassigneduserroles,thematchinguser
privilegeisgranted.Forexample,ifthereceivedFilter-IDattributehasavalue"operator",theuserhas
"OperatorUserRole".Iftherearenomatch,theuserisdeniedaccess.Uponasuccessfullogin,the
encryptedusercredentialsaresavedinthecontrollerscache.Thiscanbeusedifthereisasituation
wheretheRADIUSServerisunavailable.
0350058-J0 Rev AL Page 215

Table of Contents

Other manuals for EnerSys Alpha Cordex CXC HP

Preview: Integrator Guide
Integrator Guide48 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the EnerSys Alpha Cordex CXC HP and is the answer not in the manual?

EnerSys Alpha Cordex CXC HP Specifications

General IconGeneral
BrandEnerSys
ModelAlpha Cordex CXC HP
CategoryController
LanguageEnglish