GE UR F35 Series Instruction Manual page 137
Multiple feeder protection
system
Hide thumbs
Also See for UR F35 Series:
- Instruction manual (526 pages) ,
- Instruction manual (616 pages) ,
- Instruction manual (640 pages)
Table of Contents
Advertisement
5 SETTINGS
To use local authentication:
1.
Log in as outlined (Administrator or Supervisor, then Observer).
2.
After making any required changes, log off using the Commands > Relay Maintenance > Security menu.
logged in through the front panel log out by logging in as None.
Users logged in through the front panel are not timed out and cannot be forcefully logged out by a
supervisor. Roles logged in through the front panel that do no allow multiple instances (Administrator,
Supervisor, Engineer, Operator) must switch to None (equivalent to a logout) when they are done in
order to log out.
To configure remote authentication:
1.
In the EnerVista software, in the login window, choose Device Authentication and log in as Administrator.
2.
Configure the following RADIUS server parameters: IP address, authentication port, shared secret, and vendor ID. The
following procedure outlines how to set up a simple RADIUS server, where the third-party tool used is an example.
a. Download and install
FreeRADIUS from www.freeradius.net
lation that is known to work. If you try another third-party tool and it does not work, use the FreeRADIUS software from
freeradius.net.
b. Open the radius.conf file in the <Path_to_Radius>\etc\raddb folder, locate the "bind_address" field and enter your
RADIUS server IP address. An example is
bind_address = 10.14.61.109
Text editor software that supports direct editing and saving of UNIX text encodings and line breaks, such as EditPad
Lite, is needed for this editing.
c. In the users.conf file in the <Path_to_Radius>\etc\raddb folder, add the following text to configure a user "Tester"
with an Administrator role.
Tester:
->User-Password == "Testing1!1"
->GE-UR-Role = Administrator
d. In the clients.conf file in the <Path_to_Radius>\etc\raddb folder, add the following text to define the UR as a RADIUS
client, where the client IP address is 10.0.0.2, the subnet mask is 255.255.255.0, the shared secret specified here is
also configured on the UR device for successful authentication, and the shortname is a short, optional alias that can be
used in place of the IP address.
client 10.0.0.2/24 {
secret = testing123
shortname = private-network-1
}
e. In the <Path_to_Radius>\etc\raddb folder, create a file called dictionary.ge and add the following content.
# ##########################################################
# GE VSA's
############################################################
VENDOR
# Management authorization
BEGIN-VENDOR
# Role ID
ATTRIBUTE
GE Multilin
GE
2910
GE
GE-UR-Role
1
integer
F35 Multiple Feeder Protection System
as the RADIUS server. This is a Windows 32-bit instal-
5.2 PRODUCT SETUP
Users
5
5-13
Advertisement
Table of Contents
