Table of Contents
Advertisement
10. Authentication
10. Authentication
The Authentication menu is accessible from the main menu under admin. The path to this menu is
admin/authentication.
Figure 10.1. Authentication menu
The Authentication menu is accessible from the main menu under admin. The path to this menu is
admin/authentication.
10.1. RADIUS
RADIUS (Remote Authentication Dial In User Service) is used to provide centralized authentication and
authorization for network access. ROX™ assigns a privilege level of Admin, Operator or Guest to a
user who presents a valid user name and password. The number of users who can access the ROX™
server is ordinarily dependent on the number of user records which can be configured on the server
itself. ROX™ can also, however, be configured to pass along the credentials provided by the user to
be remotely authenticated by a RADIUS server. In this way, a single RADIUS server can centrally store
user data and provide authentication and authorization service to multiple ROX™ servers needing to
authenticate connection attempts.
10.1.1. RADIUS overview
RADIUS (described in
carrying authentication, authorization, and configuration information between a Network Access Server
which desires to authenticate its links and a shared Authentication Server. RADIUS is also widely used
in conjunction with 802.1x for port security using EAP (the Extensible Authentication Protocol, described
in
RFC 3748
[http://tools.ietf.org/html/rfc3748]). Refer to
details in ROX™.
A RADIUS server can act as a proxy client to other RADIUS servers or other kinds of authentication
servers.
On receiving an authentication-authorization request from a client in an "Access-Request" packet, the
RADIUS server checks the conditions configured for received username-password combination in the
user database. If all the conditions are met, the list of configuration values for the user is placed into
an "Access-Accept" packet. These values include the type of service (e.g. PPP, Login) and all the
necessary values to deliver the desired service.
10.1.2. RADIUS Usage
The typical mode of operation involves a Network Access Server (NAS) - in this case the ROX™ - and
a remote RADIUS server, where account information is stored. In the course of attempting to access
connection-oriented services on the NAS, a user presents credentials to the NAS for authentication. The
NAS forwards these to a configured RADIUS server and accepts from it the determination of whether
the user is allowed the requested access. In order to protect the security of account information and of
ROX™ v2.2 User Guide
RFC 2865
[http://tools.ietf.org/html/rfc2865]) is a UDP-based protocol used for
117
Chapter 24, Port Security
RuggedBackbone™ RX1500
for configuration
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the RuggedBackbone RX1500 and is the answer not in the manual?