Proxying Radius Requests To An Existing Radius Server Using The Built-In Sentriant Ag Radius Server - Extreme Networks AG200 User Manual
Version 5.0
Hide thumbs
Also See for AG200:
- Installation manual (80 pages) ,
- Hardware installation manual (40 pages) ,
- Hardware quick start manual (2 pages)
Table of Contents
Advertisement
802.1X Quarantine Method
f
In the Remote Access Permission area, select the Allow Access radio button.
g Select the Account tab.
h Verify that you are using Microsoft's version of the challenge-handshake authentication protocol
(CHAP) MSCHAPv2. If for some reason, you cannot upgrade to MSCHAPv2 at this time,
perform the following workaround for MSCHAPv1:
In the Account options area, select the Store password using reversible encryption check box.
NOTE
If there are existing user accounts in your Active Directory installation when you enable reversible encryption, the
passwords must be reset (either by the user or by the system administrator) before reversible encryption takes effect.
i
Click OK.
j
Repeat from step a for each user account.
Proxying RADIUS Requests to an Existing RADIUS Server Using the Built-in
Sentriant AG RADIUS Server
NOTE
For an explanation of how the components communicate, see "Sentriant AG and 802.1X" on page 228.
To configure Sentriant AG to proxy RADIUS requests to an existing RADIUS server:
1 To configure the RADIUS server to proxy requests to your existing RADIUS server:
a Log in to the ES as
b Open the following file with a text editor such as
/etc/raddb/proxy.conf
c Append the following section replacing the parameters in <> with your RADIUS servers
information:
realm NULL {
type= radius
authhost= <RADIUS host or IP>:<RADIUS auth port>
accthost= <RADIUS host or IP>:<RADIUS acct port>
secret= <the shared secret for your RADIUS server>
}
d Save and exit the file.
258
via SSH.
root
:
vi
Sentriant AG Users' Guide, Version 5.0
Advertisement
Table of Contents
