Table of Contents
Advertisement
Radius support
Telnet
EtherXtend
EtherXtend
Local authentication
The EtherXtend supports local and RADIUS (Remote Authentication Dial In
User Service) access authentication. The EtherXtend can be configured for
local authentication, RADIUS authentication, or RADIUS then local
authentication. RADIUS users are configured with the Service-Type attribute
as Administrative-User or NAS-Prompt-User. RADIUS is used for only login
authentication, not severity levels.
Table 14
shows the mapping of service-type to EtherXtend permissions.
Table 14: Service type mapping to EtherXtend permissions
Service-Type Attribute
Administrative-User
NAS-Prompt-User
When establishing a connection to the EtherXtend with RADIUS
authentication, the EtherXtend passes RADIUS information securely to the
RADIUS server. The RADIUS server then authenticates the user and either
allows or denies access to the EtherXtend. If access is denied and the local
authentication option is also configured, the EtherXtend then authenticates
access based on the locally configured users and passwords. For logins and
failed logins, a console message is generated with user ID and IP address of
the device from which the login originated. Failed logins also are logged as
alert level messages in the EtherXtend system log file.
By default, RADIUS access uses the UDP port 1812 for authentication.This
parameter can be changed in the radius-client profile.
Figure 12: EtherXtend RADIUS authentication
MALC
RADIUS authentication
EtherXtend permissions
admin, zhonedebug, voice, data, manuf, database,
systems, tools, useradmin
admin, voice, data, manuf, database, systems,
tools, useradmin
IP
System settings
RADIUS server
EtherXtend User's Guide
57
Advertisement
Table of Contents
