EasyManuals Logo

Opengear ACM7000 User Manual

Opengear ACM7000
246 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #188 background imageLoading...
Page #188 background image
Chapter 8: Authentication
188
8.2 PAM (Pluggable Authentication Modules)
The console server supports RADIUS, TACACS+ and LDAP for two-factor authentication via PAM
(Pluggable Authentication Modules). PAM is a flexible mechanism for authenticating users. Nowadays a
number of new ways of authenticating users have become popular. The challenge is that each time a new
authentication scheme is developed; it requires all the necessary programs (login, ftpd etc.) to be
rewritten to support it.
PAM provides a way to develop programs that are independent of authentication scheme. These
programs need authentication modules to be attached to them at run-time in order to work. Which
authentication module is to be attached is dependent upon the local system setup and is at the discretion
of the local administrator.
The console server family supports PAM to which we have added the following modules for remote
authentication:
RADIUS - pam_radius_auth (http://www.freeradius.org/pam_radius_auth/)
TACACS+ - pam_tacplus (http://echelon.pl/pubs/pam_tacplus.html)
LDAP - pam_ldap (http://www.padl.com/OSS/pam_ldap.html)
Further modules can be added as required.
Changes may be made to files in /etc/config/pam.d / which will persist, even if the authentication
configurator is run.
Users added on demand:
When a user attempts to log in but does not have an account on the console server, a new user
account is created. This account will have no rights and no password set. They will not appear in
the Opengear configuration tools.
Automatically added accounts will not be able to log in if the remote servers are unavailable
Admin rights granted over AAA:
Users may be granted administrator rights via networked AAA. For TACACS a priv-lvl of 12 of
above indicates an administrator. For RADIUS, administrators are indicated via the Framed Filter
ID. (See the example configuration files below)
Authorization via TACACS, LDAP or RADIUS for using remote groups
Authorization via TACACS for both serial ports and host access:

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Opengear ACM7000 and is the answer not in the manual?

Opengear ACM7000 Specifications

General IconGeneral
RS-232 ports8
SIM card slotYes
USB 2.0 ports quantity4
Number of simultaneous SIM cards2
CertificationEN 55022:2010, CISPR 22:2008, FCC Part 15 B:2015, ICES-003 5 (2014), AS/NZS CISPR 22:2009+A1:2010, EN 61000-3-2:2006/A2:2009, EN 61000-3-3:2008 EN 55024:2010, CISPR 24:2010, EN 61000-4-2:2009, EN 61000-4-3:2006+A2:2010, EN 61000-4-4:2004+A1:2010, EN 61000-4-5:2006, EN 61000-4-6:2009, EN 61000-4-8:2010, EN 61000-4-11:2004 CE, UL 1950, TUV, C-Tick, RoHS
Mounting typeRack mounting
Product colorBlack, Red
Antenna connector typeSMA
Flash memory32 MB
Internal memory256 MB
Processor frequency800 MHz
Control display unitNo
Internal memory typeDDR3
Input voltage110 - 240 V
DC input voltage12 V
Storage temperature (T-T)-40 - 75 °C
Operating temperature (T-T)-25 - 60 °C
Operating relative humidity (H-H)5 - 90 %
Security algorithmsIPSec, SSH-2, SSL/TLS
Weight and Dimensions IconWeight and Dimensions
Depth120 mm
Width130 mm
Height35 mm
Weight6000 g

Related product manuals