48
Chapter 5: Using the Web-based Utility for Configuration
Security Tab - Authentication Servers
24-Port 10/100/1000 Gigabit Switch with Webview and PoE
Security Tab - Authentication Servers
Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks. RADIUS 
servers provide a centralized authentication method for web access. 
This Switch uses the Extensible Authentication Protocol over LANs (EAPOL) to exchange authentication protocol 
messages with the client, and a remote RADIUS authentication server to verify user identity and access rights. 
When a client (i.e., Supplicant) connects to a switch port, the Switch (i.e., Authenticator) responds with an EAPOL 
identity request. The client provides its identity (such as a user name) in an EAPOL response to the Switch, which 
it forwards to the RADIUS server. The RADIUS server verifies the client identity and sends an access challenge 
back to the client. The EAP packet from the RADIUS server contains not only the challenge, but the authentication 
method to be used. The client can reject the authentication method and request another, depending on the 
configuration of the client software and the RADIUS server. The authentication method must be MD5. The client 
responds to the appropriate method with its credentials, such as a password or certificate. The RADIUS server 
verifies the client credentials and responds with an accept or reject packet. If authentication is successful, the 
Switch allows the client to access the network. Otherwise, network access is denied and the port remains 
blocked.
RADIUS Server Setting. Index, Server IP Address, Server Port Number (1-65535), Secret Key Screen, Number of 
Retries (1-30), Timeout for Reply (1-65535 sec).
TACACS Server Setting. Index, Server IP Address, Server Port Number (1-65535), Secret Key Screen.
Click Save Settings to save the changes.
Figure 5-28: Security - Athentication Servers