RADIUS Authentication Features in Enterprise NOS
Switch User Accounts
100
G8264CS Application Guide for ENOS 8.4
ENOS supports the following RADIUS authentication features:
Supports RADIUS client on the switch, based on the protocol definitions in RFC
2138 and RFC 2866.
Allows RADIUS secret password up to 32 bytes and less than 16 octets.
Supports secondary authentication server so that when the primary authentication
server is unreachable, the switch can send client authentication requests to the
secondary authentication server. Use the following command to show the
currently active RADIUS authentication server:
RS 8264CS# show radius-server
Supports user‐configurable RADIUS server retry and time‐out values:
Time‐out value = 1‐10 seconds
Retries = 1‐3
The switch will time out if it does not receive a response from the RADIUS
server in 1‐3 retries. The switch will also automatically retry connecting to the
RADIUS server before it declares the server down.
Supports user‐configurable RADIUS application port. The default is UDP port
1645. UDP port 1812, based on RFC 2138, is also supported.
Allows network administrator to define privileges for one or more specific users
to access the switch at the RADIUS user database.
The user accounts listed in Table
file.
Table 6.
User Access Levels
User Account
Description and Tasks Performed
User
The User has no direct responsibility for switch
management. They can view all switch status
information and statistics but cannot make any
configuration changes to the switch.
Operator
The Operator manages all functions of the switch.
The Operator can reset ports, except the
management port.
Administrator
The super‐user Administrator has complete access
to all commands, information, and configuration
commands on the switch, including the ability to
change both the user and administrator passwords.
6 can be defined in the RADIUS server dictionary
Password
user
oper
admin