Chapter 9
User Authentication
the use of a "shared secret" which is not sent over the network. The shared secret is
an authentication password configured on both the RADIUS client and its RADIUS
servers. The shared secret is stored as clear text in the client's file on the RADIUS
server, and in the non-volatile memory of the P330. In addition, user passwords are
sent between the client and server are encrypted for increased security.
Figure 9.1 illustrates the RADIUS authentication procedure:
Figure 9.1
Radius Commands
46
RADIUS Authentication Procedure
User attempts login
Local User
account
authenticated in
switch?
No
Authentication
request sent to
RADIUS Server
User name and
password
authenticated?
No
Authentication Reject
sent to switch
User cannot access switch
embedded managegment
Yes
Yes
Perform log-in according
to user's priviliege level
to switch
Avaya P333T-PWR User's Guide