237
Feature Default Settings
RADIUS server
Auth port is 1812.
Acct port is 1813.
Retransmit is 2 times.
Timeout is 5 seconds.
TACACA+ server
Communication port is 1812.
Server group Two server groups are preset: radius and tacacs.
All RADIUS servers are added in the server group radius.
All TACACS+ servers are added in the Server group tacacs.
Authentication login method
list
The list contains local, and the defau
passwords are both admin.
Authentication enable method
list
The list is empty, which means users can promote to
administrator privilege without password.
Access application
authentication
The application console/telnet/ssh/http use the default Login List
and default Enable list.
802.1X authentication server
and accounting server
802.1X authentication uses the radius server group. 802.1X
accounting uses the radius server group.
13.8 PPPoE Config
PPPoE Circuit-ID Tag Overview
In the ATM-based network, the BRAS (Broadband Remote Access Server) vendors need to
acquire the unique information from DSL (digital subscriber line) for RADIUS (Remote
Authentication Dial In User Service) authentication and accounting processes. The PPPoE
Circuit-ID Insertion feature uses a PPPoE intermediate agent function on the DSLAM. The DSLAM
(Digital Subscriber Line Multiplexer) attaches a tag to the PPPoE discovery packets. This tag is
called the PPPoE Vendor-Specific tag and it contains a unique line identifier. The BRAS receives
the tagged packet, decodes the tag, and uses the Circuit-ID field of that tag as a NAS-Port-ID
attribute in the RADIUS authentication packet for PPP authentication and AAA (authentication,
authorization, and accounting) access requests.
In this Chapter the switch will work as a DSLAM.
PPPoE Circuit-ID Tag Operation Process
The general PPPoE Circuit-ID Tag work process is shown below:
Figure 13-25 PPPoE Discovery Process
To Next Page
Loading...
Need help?
General