To Next Page

To Previous Page

RADIUS Attributes for Enterprise NOS User Privileges

Whentheuserlogsin,theswitchauthenticateshis/herlevelofaccessbysending

theRADIUSaccessrequest,thatis,theclientauthenticationrequest,tothe

RADIUSauthenticationserver.

Iftheremoteuserissuccessfullyauthenticatedbytheauthenticationserver,the

switchwillverifytheprivilegesoftheremoteuserand

authorizetheappropriate

access.Theadministratorhastwooptions:toallowbackdooraccessviaTelnet,SSH,

HTTP,orHTTPS;toallowsecurebackdooraccessviaconsole,Telnet,SSH,orBBI.

Securebackdoorprovidesaccesstothe switchwhentheRADIUSserverscannotbe

reached.

ThedefaultCN 4093settingforbackdoorand

securebackdooraccessisdisabled.

Backdooraccessisalwaysenabledontheconsoleport.

Irrespectiveofbackdoorbeingenabledornot,youcanalwaysaccessthe switchvia

theconsoleportbyusingnoradiusasradiususername.Youcanthenenterthe

usernameandpasswordconfiguredontheswitch.Ifyou

aretryingtoconnectvia

SSH/Telnet/HTTP/HTTPS,therearetwopossibilities:

 Backdoorisenabled:Theswitchactslikeitisconnectingviaconsole.

 Securebackdoorisenabled:Youmustentertheusername:noradius.The

switchchecksifRADIUSserverisreachable.Ifitisreachable,thenyoumust

authenticateviaremoteauthenticationserver.OnlyifRADIUSserverisnot

reachable,youwillbepromptedforlocaluser/passwordtobeauthenticated

againsttheselocal

credentials.

Alluserprivileges,otherthanthoseassignedtotheAdministrator,havetobe

definedintheRADIUSdictionary.RADIUSattribute6whichisbuiltintoall

RADIUSserversdefinestheadministrator.Thefilenameofthedictionaryis

RADIUSvendor‐dependent.ThefollowingRADIUSattributesaredefinedfor

EnterpriseNOS

userprivilegeslevels:

Table 8.

EnterpriseNOS‐proprietaryAttributesforRADIUS

User Name/Access User-Service-Type Value

User Vendor‐supplied 255

Operator Vendor‐supplied 252

Administrator(USERID) Vendor‐supplied 6

Lenovo Flex System Fabric CN4093 User Manual

Other manuals for Lenovo Flex System Fabric CN4093