Table of Contents
Advertisement
With the ERS 1600, 8300, and 8600, you can change the RADIUS source IP address by using
the following command :
8000A:6# config radius server create <ipaddr> secret <value> [usedby
<value>] [port <value>] [priority <value>] [retry <value>] [timeout
<value>] [enable <value>] [acct-port <value>] [acct-enable <value>]
[source-ip <value>]
With the ERS 1600, 8300, and 8600, you can configure up to ten RADIUS servers (each server
is assigned a priority and is contacted in that order). If all servers are not reachable (no answer)
then local authentication is done and you will receive the following message:
No reply from RADIUS server "10.10.50.40(1812)"All RADIUS servers are
unreachable.
2.5 RADIUS Server & Client Log Files
In this section, we will demonstrate RADIUS server and client logging on the switch. We will demonstrate
a client logging onto a switch, issuing several commands and checking if they are allowed or not based
on authentication rights.
2.5.1 ES 460/470 Series and ERS 2500, 4500, 5500 – Read-Only user
Connect to the device via telnet using read-only user (bsro).
Please note that there is no Administrative RADIUS accounting for ES460/470 Series and ERS
2500, 4500, 5500.
RADIUS accounting is only available for 802.1x (EAP) users.
Authentication, Authorization and Accounting (AAA) for ERS and ES
November 2010
delete : N/A
set : N/A
Technical Configuration Guide
avaya.com
17
Advertisement
Table of Contents
