Enterasys SecureStack C2 C2G170-24 - Page 620

Enterasys SecureStack C2 C2G170-24

698 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

set radius

23-6 Authentication and Authorization Configuration

Defaults

Ifsecret‐valueisnotspecified,nonewillbeapplied.

Ifrealmisnotspecified,theanyaccessrealmwillbeused.

Mode

Switchcommand,read‐write.

Usage

TheSecureStackC2deviceallowsupto10RADIUSaccountingserverstobeconfigured,withup

totwoserversactiveatanygiventime.

TheRADIUSclientcanonlybeenabledontheswitchonceaRADIUSserverisonline,anditsIP

address(es)hasbeenconfiguredwiththesamepassword

theRADIUSclientwilluse.

Examples

ThisexampleshowshowtoenabletheRADIUSclientforauthenticatingwithRADIUSserver1at

IPaddress192.168.6.203,UDPauthenticationport1812,andanauthenticationpasswordof

“pwsecret.”Aspreviouslynoted,the“serversecret”passwordenteredheremustmatchthat

alreadyconfiguredastheRead‐Write(rw)passwordonthe

RADIUSserver:

C2(su)->set radius server 1 192.168.6.203 1812 pwsecret

ThisexampleshowshowtosettheRADIUStimeoutto5seconds:

C2(su)->set radius timeout 5

ThisexampleshowshowtosetRADIUSretriesto10:

C2(su)->set radius retries 10

realm

management‐

access|any|

network‐access

RealmallowsyoutodefinewhohastogothroughtheRADIUSserverfor

authentication.

• management‐access:Thismeansthatanyonetryingtoaccesstheswitch

(Telnet,SSH,LocalManagement)hastoauthenticatethroughthe

RADIUSserver.

• network‐access:Thismeansthat

alltheusershavetoauthenticatetoa

RADIUSserverbeforetheyareallowedaccesstothenetwork.

• any:Meansthatbothmanagement‐accessandnetwork‐accesshave

beenenabled.

Note: If the management-access or any access realm has been configured, the

local “admin” account is disabled for access to the switch using the console, Telnet,

or Local Management. Only the network-access realm allows access to the local

“admin” account.

index|all Appliestherealmsettingtoaspecificserverortoallservers.

Note: If RADIUS is configured with no host IP address on the device, it will use the loopback

interface 0 IP address (if it has been configured) as its source for the NAS-IP attribute. For

information about configuring loopback interfaces, refer to “interface” on page 19-2.

Table of Contents

Other manuals for Enterasys SecureStack C2 C2G170-24

Hardware Installation Guide74 pages

Related product manuals

Preview: SecureStack C2 C2G124-24

SecureStack C2 C2G124-24

Preview: SecureStack C2 C2G124-48P

SecureStack C2 C2G124-48P

Preview: Enterasys SecureStack C2

Enterasys SecureStack C2

Preview: Enterasys SecureStack B3

Enterasys SecureStack B3

Preview: SecureStack A2 A2H124-24

SecureStack A2 A2H124-24

Preview: SecureStack B3 B3G124-48

SecureStack B3 B3G124-48

SecureStack A2 A2H254-16

Preview: SecureStack B3 B3G124-24P

SecureStack B3 B3G124-24P

Preview: SecureStack B2 B2G124-48P

SecureStack B2 B2G124-48P

Preview: Enterasys SSA-T1068-0652

Enterasys SSA-T1068-0652

Enterasys SSA-G1018-0652

Preview: Enterasys C3G124-24

Enterasys C3G124-24