Securing Radius Communication; Radius-Based User Authentication In Url - AudioCodes Mediant 800B User Manual
Gateway & e-sbc
Hide thumbs
Also See for Mediant 800B:
- User manual (1338 pages) ,
- Installation and maintenance manual (104 pages) ,
- Hardware installation manual (56 pages)
Table of Contents
Advertisement
User's Manual
♦
5.
Configure when the Local Users table must be used to authenticate login users. From
the 'Use Local Users Database' drop-down list, select one of the following:
•
When No Auth Server Defined (default): When no RADIUS server is configured
or if a server is configured but connectivity with the server is down (if the server is
up, the device authenticates the user with the server).
•
Always: First attempts to authenticate the user using the Local Users table, but if
not found, it authenticates the user with the RADIUS server.
Figure 15-17: Local Users Table for Login Authentication
6.
Click Apply, and then reset the device with a save-to-flash for your settings to take
effect.
15.3.6.3 Securing RADIUS Communication
RADIUS authentication requires HTTP basic authentication (according to RFC 2617).
However, this is insecure as the usernames and passwords are transmitted in clear text
over plain HTTP. Thus, as digest authentication is not supported with RADIUS, it is
recommended that you use HTTPS with RADIUS so that the usernames and passwords
are encrypted. To enable the device to use HTTPS, configure the 'Secured Web
Connection (HTTPS)' parameter to HTTPS Only (see 'Configuring Secured (HTTPS) Web'
on page 72).
15.3.6.4 RADIUS-based User Authentication in URL
RADIUS authentication of the management user is typically done after the user accesses
the Web interface by entering only the device's IP address in the Web browser's URL field
(for example, http://10.13.4.12/) and then entering the username and password credentials
in the Web interface's login screen. However, authentication with the RADIUS server can
also be done immediately after the user enters the URL, if the URL also contains the login
credentials.
http://10.4.4.112/Forms/RadiusAuthentication?WSBackUserName=John&WSBackPasswor
d=1234
Note:
Version 7.2
Absolute Expiry Timer: when you access a Web page, the timer doesn't
reset, but continues its count down.
Figure 15-16: Configuring RADIUS Timeout
This feature allows up to five simultaneous users only.
For
239
Mediant 800B Gateway & E-SBC
15. Services
example:
Advertisement
Table of Contents
