Radius-Based Access - Avaya AP-3 User Manual

Avaya ap-3 access point: users guide

Hide thumbs Also See for AP-3:

User manual (492 pages)

Manual (6 pages)

Configuration and deployment manual (3 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

Table of Contents

RADIUS-Based Access

User management of APs can be centralized by using a RADIUS server to store user

credentials. The AP cross-checks credentials using RADIUS protocol and the RADIUS server

accepts or rejects the user.

HTTP/HTTPS and Telnet/SSH users can be managed with RADIUS. Serial CLI and SNMP

cannot be managed by RADIUS. Two types of users can be supported using centralized

RADIUS management:

Super User: The super user has access to all functionality of a management interface. A

●

super user is configured in the RADIUS server by setting the filter ID attribute (returned in

the RADIUS Accept packet) for the user to a value of super user (not case sensitive). A

user is considered a super user if the value of the filter-id attribute returned in the RADIUS

Accept packet for the user is super user (not case sensitive).

Limited User: A limited user has access to only a limited set of functionality on a

●

management interface. All users who are not super users are considered limited users.

However, a limited user is configured in the RADIUS server by setting the filter-id attribute

(returned in the RADIUS Accept packet) to limited user (not case sensitive). Limited users

do not have access to the following configuration capabilities:

- Update/retrieve files to and from APs

- Reset the AP to factory defaults

- Reboot the AP

- Change management properties related to RADIUS, management modes, and

management passwords.

When RADIUS Based Management is enabled, a local user can be configured to provide

Telnet, SSH, and HTTP(S) access to the AP when RADIUS servers fail. The local user has

super user capabilities. When secure management is enabled, the local user can only login

using secure means (i.e., SSH or SSL). When the local user option is disabled the only access

to the AP when RADIUS servers are down will be through serial CLI or SNMP.

The Radius Based Management Access parameters allows you to enable HTTP or Telnet

Radius Management Access, to configure a RADIUS Profile for management access control,

and to enable or disable local user access, and configure the local user password. You can

configure and view the following parameters:

Table 24: RADIUS Access Parameters 1 of 2

Parameter

HTTP RADIUS Access Control

Status

Telnet RADIUS Access Control

Status

Description

Enable or disable RADIUS management of HTTP/HTTPS

users.

Enable or disable RADIUS management of Telnet/SSH

users.

Management Configuration

1 of 2

Issue 1 October 2004

103

Table of Contents

Radius-Based Access - Avaya AP-3 User Manual

RADIUS-Based Access

Related Manuals for Avaya AP-3

Related Content for Avaya AP-3

Table of Contents