EasyManuals Logo

Foundry Networks Switch and Router User Manual

Default Icon
1070 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #100 background imageLoading...
Page #100 background image
Foundry Switch and Router Installation and Configuration Guide
3 - 36 December 2000
RADIUS Configuration Considerations
You must deploy at least one RADIUS server in your network.
Foundry devices support authentication using up to eight RADIUS servers. The device tries to use the
servers in the order you add them to the devices configuration. If one RADIUS server is not responding, the
Foundry device tries the next one in the list.
You can select only one primary authentication method for each type of access to a device (CLI through
Telnet, CLI Privileged EXEC and CONFIG levels). For example, you can select RADIUS as the primary
authentication method for Telnet CLI access, but you cannot also select TACACS+ authentication as the
primary method for the same type of access. However, you can configure backup authentication methods for
each access type.
RADIUS Configuration Procedure
Use the following procedure to configure a Foundry device for RADIUS:
1. Configure Foundry vendor-specific attributes on the RADIUS server. See Configuring Foundry-Specific
Attributes on the RADIUS Server on page 3-36.
2. Identify the RADIUS server to the Foundry device. See Identifying the RADIUS Server to the Foundry
Device on page 3-37.
3. Set RADIUS parameters. See Setting RADIUS Parameters on page 3-38.
4. Configure authentication-method lists. See Configuring Authentication-Method Lists for RADIUS on page 3-
38.
5. Optionally configure RADIUS authorization. See Configuring RADIUS Authorization on page 3-40.
6. Optionally configure RADIUS accounting. Configuring RADIUS Accounting on page 3-40.
Configuring Foundry-Specific Attributes on the RADIUS Server
During the RADIUS authentication process, if a user supplies a valid username and password, the RADIUS server
sends an Access-Accept packet to the Foundry device, authenticating the user. Within the Access-Accept packet
are three Foundry vendor-specific attributes that indicate:
The privilege level of the user
A list of commands
Whether the user is allowed or denied usage of the commands in the list
You must add these three Foundry vendor-specific attributes to your RADIUS servers configuration, and
configure the attributes in the individual or group profiles of the users that will access the Foundry device.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Foundry Networks Switch and Router and is the answer not in the manual?

Foundry Networks Switch and Router Specifications

General IconGeneral
BrandFoundry Networks
ModelSwitch and Router
CategorySwitch
LanguageEnglish

Related product manuals