3Com VCX v7111 User Manual page 339

To set up a RADIUS server:
Define the gateway as an authorized client of the RADIUS server, with a predefined
1
shared secret (a password used to secure communication) and a vendor ID. The figure
below displays an example of the file clients.conf (FreeRADIUS client configuration).
Figure 131 Example of the File clients.conf (FreeRADIUS Client Configuration)
#
# clients.conf - client configuration directives
#
client 10.31.4.47 {
secret
shortname
}
If access levels are required, set up a VSA dictionary for the RADIUS server and select
2
an attribute ID that represents each user's access level. The following example shows a
dictionary file for FreeRADIUS that defines the attribute ACL-Auth-Level with ID=35.
Figure 132 Example of a Dictionary File for FreeRADIUS (FreeRADIUS Client Configuration)
#
# 3Com VSA dictionary
#
VENDOR 3Com 5003
ATTRIBUTE ACL-Auth-Level 35 integer 3Com
VALUE ACL-Auth-Level ACL-Auth-UserLevel 50
VALUE ACL-Auth-Level ACL-Auth-AdminLevel 100
VALUE ACL-Auth-Level ACL-Auth-SecurityAdminLevel 200
In the RADIUS server, define the list of users authorized to use the gateway, using one
3
of the password authentication methods supported by the server implementation. The
following example shows a user configuration file for FreeRADIUS using a plain-text
password.
Figure 133 Example of a User Configuration File for FreeRADIUS Using a Plain-Text Password
# users - local user configuration database
john Auth-Type := Local, User-Password == "qwerty"
Service-Type = Login-User,
ACL-Auth-Level = ACL-Auth-SecurityAdminLevel
larry Auth-Type := Local, User-Password == "123456"
Service-Type = Login-User,
ACL-Auth-Level = ACL-Auth-UserLevel
Record and retain the IP address, port number, shared secret, vendor ID and VSA
4
access level identifier (if access levels are used) used by the RADIUS server.
Configure the gateways relevant parameters according to
5
®
3Com VCX V7111 VoIP Gateway User Guide
= FutureRADIUS
= tp1610_master_tpm
Configuring RADIUS Support.
339