Configuring Web-based AAA for
administrative and local access
Before you start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Saving the configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Overview of Web-based AAA for administrative and
local access
Nortel WLAN Security Switch 2300 Series (WSS Software) supports authentication, authorization, and accounting
(AAA) for secure network connections. As administrator, you must establish administrative access for yourself and
optionally other local users before you can configure the WSS for operation.
Here is an overview of configuration topics:
1
Console connection. By default, any administrator can connect to the console port and manage the
switch, because no authentication is enforced. (Nortel recommends that you enforce authentication on the
console port after initial connection.)
2
Telnet or SSH connection. Administrators cannot establish a Telnet or Secure Shell (SSH) connection to
the WSS by default. To provide Telnet or SSH access, you must add a username and password entry to the
local database or, optionally, set the authentication method for Telnet users to a Remote Authentication
Dial-In User Service (RADIUS) server.
Note.
Management Software and Web View connections. (For details, see
keys and certificates" (page
3
Restricted mode. When you initially connect to the WSS, your mode of operation is restricted. In this
mode, only a small subset of status and monitoring commands is available. Restricted mode is useful for
administrators with basic monitoring privileges who are not allowed to change the configuration or run
traces.
A CLI Telnet connection to the WSS is not secure, unlike SSH, WLAN
443).)
Nortel WLAN-Security Switch 2300 Series Configuration Guide
69
"Managing