Table of Contents
Advertisement
Web OS 10.0 Application Guide
RADIUS Authentication Features in Web OS
The following Radius Authentication features are supported in Web OS:
n
Supports RADIUS client on the switch, based on the protocol definitions in RFC 2138 and
2866.
n
Enables/disables support of RADIUS authentication and authorization.
The default disables the use of RADIUS for authentication and authorization.
n
Allows RADIUS secret password up to 32 bytes and less than 16 octets.
n
Supports secondary authentication server so that when the primary authentication server
is unreachable, the switch can send client authentication requests to the secondary authen-
tication server.
Use the /cfg/sys/radius/cur command to show the currently active RADIUS
authentication server.
n
Supports user-configurable RADIUS server retry and time-out values.
The parameters are:
o
o
The switch will time out if it does not receive a response from the RADIUS server in 1-3
retries. The switch will also automatically retry connecting to the RADIUS server before it
declares the server down.
n
Supports user-configurable RADIUS application port.
The default is 1645/UDP based on RFC 2138. Port 1812 is also supported.
n
Allows network administrator to define privileges for one or more specific users to access
the switch at the RADIUS user database.
n
SecurID is supported if the RADIUS server can do an ACE/Server client proxy. The pass-
word is the PIN number, plus the token code of the SecurID card.
n
104
Chapter 5: Secure Switch Management
Time-out value = 1-10 seconds
Retries = 1-3
212777-A, February 2002
Advertisement
Table of Contents
