Enterasys SecureStack B3

To Next Page

To Previous Page

Configuring RADIUS

SecureStack B3 Configuration Guide 20-3

configuredontheswitch,theswitchthendynamicallyappliesthepolicyprofiletothephysical

porttheuser/deviceisauthenticatingon.

Filter-ID Attribute Formats

EnterasysNetworkssupportstwoFilter‐IDformats—“decorated”and“undecorated.”The

decoratedformathasthreeforms:

•Tospecifythepolicyprofiletoassigntotheauthenticatinguser(networkaccess

authentication):

Enterasys:version=1:policy=string

wherestringspecifiesthepolicyprofilename.Policyprofilenamesarecase‐sensitive.

•Tospecifyamanagementlevel(managementaccess

authentication):

Enterasys:version=1:mgmt=level

wherelevelindicatesthemanagementlevel,eitherro,rw,orsu.

•Tospecifybothmanagementlevelandpolicyprofile:

Enterasys:version=1:mgmt=level:policy=string

Theundecoratedformatissimplyastringthatspecifiesapolicyprofilename.Theundecorated

formatcannotbeusedformanagementaccessauthentication.

DecoratedFilter‐IDsareprocessed

firstbytheswitch.IfnodecoratedFilter‐IDsarefound,then

undecoratedFilter‐IDsareprocessed.IfmultipleFilter‐IDsarefoundthatcontainconflicting

values,aSyslogmessageisgenerated.

Configuring RADIUS

Purpose

Toperformthefollowing:

•ReviewtheRADIUSclient/serverconfigurationontheswitch.

•EnableordisabletheRADIUSclient.

•Setlocalandremoteloginoptions.

•Setprimaryandsecondaryserverparameters,includingIPaddress,timeoutperiod,

authenticationrealm,andnumberofuserloginattemptsallowed.

•ResetRADIUSserversettingstodefaultvalues.

• ConfigureaRADIUS

accountingserver.

Commands

For information about... Refer to page...

show radius 20-4

set radius 20-5

clear radius 20-7

show radius accounting 20-7

Related product manuals