EasyManuals Logo
Home>Siemens>Network Hardware>RUGGEDCOM ROX II

Siemens RUGGEDCOM ROX II User Manual

Siemens RUGGEDCOM ROX II
798 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #185 background imageLoading...
Page #185 background image
RUGGEDCOM ROX II
CLI User Guide
Chapter 6
Security
Configuring RADIUS Authentication for LOGIN Services 139
Attribute Value
String: RuggedCom
A RADIUS server may also be used to authenticate access on ports with IEEE 802.1x security enabled. When this is
required, the following attributes are sent by the RADIUS client to the RADIUS server:
Attribute Value
User-Name { The user name as derived from the client's EAP identity response }
NAS-IP-Address { The Network Access Server IP address }
Service-Type 2
Frame-MTU 1500
EAP-Message
a
{ A message(s) received from the authenticating peer }
a
EAP-Message is an extension attribute for RADIUS, as defined by RFC 2869 [http://freeradius.org/rfc/rfc2869.html#EAP-Message].
Primary and secondary RADIUS servers, typically operating from a common database, can be configured for
redundancy. If the first server does not respond to an authentication request, the request will be forwarded to the
second server until a positive/negate acknowledgment is received.
NOTE
RADIUS authentication activity is logged to the authentication log file var/log/auth.log. Details
of each authentication including the time of occurrence, source and result are included. For more
information about the authentication log file, refer to Section4.10.1, “Viewing Logs”.
RUGGEDCOM ROX II supports RADIUS authentication for the LOGIN and PPP services. Different RADIUS servers can
be configured to authenticate both services separately or in combination.
The LOGIN services consist of the following access types:
Local console logins via the serial port
Remote shell logins via SSH and HTTPS
Secure file transfers using HTTPS, SCP and SFTP (based on SSH)
Authentication requests for LOGIN services will attempt to use RADIUS first and any local authentication settings
will be ignored. Only when there is no response (positive/negative) from any of the configured RADIUS servers will
RUGGEDCOM ROX II authenticate users locally.
The PPP service represents incoming PPP connections via a modem. Authentication requests to the PPP service use
RADIUS only. In the event that no response is received from any configured RADIUS server, RUGGEDCOM ROX II
will not complete the authentication request.
CONTENTS
Section6.7.3.1, “Configuring RADIUS Authentication for LOGIN Services”
Section6.7.3.2, “Configuring RADIUS Authentication for PPP Services”
Section6.7.3.3, “Configuring RADIUS Authentication for Switched Ethernet Ports”
Section6.7.3.1
Configuring RADIUS Authentication for LOGIN Services
To configure RADIUS authentication for LOGIN services, do the following:

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Siemens RUGGEDCOM ROX II and is the answer not in the manual?

Siemens RUGGEDCOM ROX II Specifications

General IconGeneral
BrandSiemens
ModelRUGGEDCOM ROX II
CategoryNetwork Hardware
LanguageEnglish

Related product manuals