User Authentication Overview
Fixed Switch Configuration Guide 10-7
Figure 10-3 Selecting Authentication Method When Multiple Methods are Validated
Remote Authentication Dial-In User Service (RADIUS)
This section provides details for the configuration of RADIUS and RFC 3580 attributes.
The Remote Authentication Dial-In User Service (RADIUS) is an extensible protocol used to carry
authentication and authorization information between the switch and the Authentication Server
(AS). RADIUS is used by the switch for communicating supplicant-supplied credentials to the
authentication server and the authentication response from the authentication server back to the
switch. This information exchange occurs over the link-layer protocol.
The switch acts as a client to RADIUS using UDP port 1812 by default (configurable in the set
radius command). The authentication server contains a database of valid supplicant user accounts
with their corresponding credentials. The authentication server checks that the information
received from the switch is correct, using authentication schemes such as PAP, CHAP, or EAP. The
authentication server returns an Accept or Reject message to the switch based on the credential
validation performed by RADIUS. The implementation provides enhanced network security by
using a shared secret and MD5 password encryption.
Required authentication credentials depend upon the authentication method being used. For
802.1x and PWA authentication, the switch sends username and password credentials to the
authentication server. For MAC authentication, the switch sends the device MAC address and a
[Figure 10-3 labels: SMAC=User 1, SMAC=User 2 and SMAC=User 3 on Port X of the switch; Auth. Agent entries 802.1X, PWA, MAC and CEP; MAU Logic; policy roles Credit, Sales and Guest. MultiAuth Sessions shown in the figure:]
<User 1, 802.1x, Authenticated, PID=Credit, Applied>
<User 2, PWA, Authenticated, PID=Sales, Applied>
<User 1, PWA, Authenticated, PID=Credit, Not Applied>
<User 3, MAC, Authenticated, PID=Guest, Applied>
<User 1, MAC, Authenticated, PID=Guest, Not Applied>
<User 2, MAC, Authenticated, PID=Guest, Not Applied>
For information about...            Refer to page...
How RADIUS Data Is Used             10-8
The RADIUS Filter-ID                10-8
RFC 3580 — VLAN Authorization       10-8
Policy Maptable Response            10-10