Overview: Radius User Authentication Using Identify Engines; Radius Support On Avaya Switches; User Authentication Using Ers1600, Ers8300, Or Ers8600 - Avaya ERS 8600 Technical Configuration Manual
Identity engines ignition server, ethernet routing switch, switch user authentication using
identity engines ignition server
Table of Contents
Advertisement
1. Overview: RADIUS User Authentication
using Identify Engines
This document provides the framework for implementing user Authentication, Authorization, and
Accounting for Avaya switches.
1.1 RADIUS Support on Avaya Switches
RADIUS
authenti-
cation
ERS 8600
Yes
ERS 8300
Yes
ERS 1600
Yes
ES 460/470
Yes
ERS 2500
Yes
ERS 4500
Yes
ERS 5500
Yes
ERS 5600
Yes
1.2 User Authentication using ERS1600, ERS8300, or
ERS8600
The ERS1600, ERS8300, and ERS8600 each support six different user access levels. The access level
is determined by the RADIUS attribute value sent back to the switch. The switch uses RADIUS Vendor-
Specific Attributes (IETF Attribute 26) to support its own extended attributes. Vendor identifier 1584 (Bay
Networks) attribute type 192 is used where the value is a number from 0 to 6. The following chart displays
the RADIUS attribute values and corresponding access level.
Access Level
None-Access
Read-Only-Access
Layer 1-Read-Write-Access
Layer 2-Read-Write-Access
Layer 3-Read-Write-Access
Switch User Authentication using Identity Engines Ignition Server Technical Configuration Guide
[July 2010
802.1x
RADIUS
802.1x
(EAP)
accoun-
(EAP)
RADIUS
ting
RADIUS
authenti-
account-
cation
ing
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
No
Yes
No
Yes
Yes
No
Yes
Yes
No
Yes
Yes
No
Yes
VSA Attribute 26 – Vendor Identifier 1584
Type 192 value
0
1
2
3
4
RADIUS
RADIUS
RADIUS
account-
user
SNMP
ing for CLI
access
account-
commands
profile
ing
Yes
Yes
Yes
Yes
Yes
No
Yes
Yes
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
avaya.com
6
Hide quick links:
Advertisement
Table of Contents
