3–Managing Fabric Security
Device Security
59266-01 B 3-17
8. Select the Sign Packets option to enable the switch to include a digital
signature (Message-Authenticator) in all RADIUS access request packets
sent to the RADIUS server. A valid Message-Authenticator attribute is
required in all RADIUS server responses.
9. In the Secret box, enter the server secret. A secret is required for all
RADIUS servers. The secret is used when generating and checking the
Message-Authenticator attribute.
10. Click Add Server to add the server.
11. Click the Modify Authentication Order tab, and verify that Device
Authentication Order and User Authentication Order options are set to either
Radius or Radius Local for Radius Authentication to be implemented.
Local—attempts to authenticate using the local switch password
database.
RADIUS—attempts to authenticate using the RADIUS server (another
computer that provides authentication).
RADIUS Local—attempts to authenticate using the RADIUS server
first, then the local switch as a backup. If the switch cannot contact the
RADIUS server due to a network or some other problem, the switch
authenticates using the local password database (active security set).
12. Click Modify Order to set the authentication order.
13. Click Close to exit the dialog box.
Removing a RADIUS Server
When you remove a RADIUS server, you disable the management of
authentication user names and passwords over the network for that server.
To Next Page
Loading...
Need help?
General
