Radius; Introduction To Radius - Avaya P334T-ML Installation and configuration guid Installation And Configuration Manual

Stackable switch software version 4.5

Hide thumbs Also See for P334T-ML Installation and configuration guid:

Installation and configuration manual (176 pages)

Quick start manual (38 pages)

User manual (254 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

Table of Contents

RADIUS

Introduction to RADIUS

User accounts are typically maintained locally on the switch. Therefore, if a site

contains multiple Avaya Switches, it is necessary to configure each switch with its

own user accounts. Additionally, if for example a 'read-write' user has to be

changed into a 'read-only' user, you must change all the 'read-write' passwords

configured locally in every switch, in order to prevent him from accessing this level.

This is obviously not effective management. A better solution is to have all of the

user login information kept in a central location where all the switches can access it.

P330 features such a solution: the Remote Authentication Dial-In User Service

(RADIUS).

A RADIUS authentication server is installed on a central computer at the customer's

site. On this server user authentication (account) information is configured that

provides various degrees of access to the switch. The P330 will run as a RADIUS

client. When a user attempts to log into the switch, if there is no local user account

for the entered user name and password, then the switch will send an

Authentication Request to the RADIUS server in an attempt to authenticate the user

remotely. If the user name and password are authenticated, then the RADIUS server

responds to the switch with an Authentication Acknowledgement that includes

information on the user's privileges ('administrator', 'read-write', or 'read-only'),

and the user is allowed to gain access to the switch. If the user is not authenticated,

then an Authentication Reject is sent to the switch and the user is not allowed access

to the switch's embedded management.

The Remote Authentication Dial-In User Service (RADIUS) is an IETF standard

(RFC 2138) client/server security protocol. Security and login information is stored

in a central location known as the RADIUS server. RADIUS clients, such as the P330,

communicate with the RADIUS server to authenticate users.

All transactions between the RADIUS client and server are authenticated through

the use of a "shared secret" which is not sent over the network. The shared secret is

an authentication password configured on both the RADIUS client and its RADIUS

servers. The shared secret is stored as clear text in the client's file on the RADIUS

server, and in the non-volatile memory of the P330. In addition, user passwords are

sent between the client and server are encrypted for increased security.

Avaya P334T-ML User's Guide

Chapter 8

User Authentication

Table of Contents

Radius; Introduction To Radius - Avaya P334T-ML Installation and configuration guid Installation And Configuration Manual

RADIUS

Introduction to RADIUS

Troubleshooting

Related Manuals for Avaya P334T-ML Installation and configuration guid

Related Content for Avaya P334T-ML Installation and configuration guid

Table of Contents