Authentication Methods - Nortel Secure Network Access Switch 4050 User Manual

36 Chapter 1 Overview

Authentication methods

You can configure more than one authentication method within a Nortel
SNAS 4050 domain. Nortel Secure Network Access Switch Software Release 1.0
supports the following authentication methods:
•
•
For information about configuring authentication on the Nortel SNAS 4050, see
"Configuring authentication" on page
For more information about the Nortel SNA solution and the way the Nortel
SNAS 4050 controls network access, see Nortel Secure Network Access Solution
Guide (320817-A).
320818-A
external database
— Remote Authentication Dial-In User Service (RADIUS)
— Lightweight Directory Access Protocol (LDAP)
The Nortel SNAS 4050 authenticates the user by sending a query to an
external RADIUS or LDAP server. This makes it possible to use
authentication databases already existing within the intranet. The Nortel
SNAS 4050 device includes username and password in the query and requires
the name of one or more access groups in return. The name of the RADIUS
and LDAP access group attribute is configurable.
local database
The Nortel SNAS 4050 itself can store up to 1,000 user authentication entries,
each defining a username, password, and relevant access group. You can
populate the database by manually adding entries on the Nortel SNAS 4050,
or you can import a database from a TFTP/FTP/SCP/SFTP server.
Use the local authentication method if no external authentication databases
exist, for testing purposes, for speedy deployment, or as a fallback for external
database queries. You can also use the local database for authorization only, if
an external server provides authentication services but cannot be configured to
return a list of authorized groups.
233.