110
C
11: M
HAPTER
AKING
Y
N
S
OUR
ETWORK
ECURE
Figure 24 RADIUS Authentication Operation
3Com Vendor Specific Attribute
The default user levels on the Switch (monitor, manager, admin) are
supported by a 3Com Vendor Specific Attribute (VSA). The Vendor-ID for
3Com is 43. You must configure the RADIUS server to send this attribute
in the Access-Accept message in order to specify the access level required
for each user account. The configurable attribute values are:
Monitor (1) — the user can view all manageable parameters, except
special/security features, but cannot change any manageable
parameters.
Manager (2) — the user can access and change the operational
parameters but not special/security features.
Administrator (3) — the user can access and change all manageable
parameters.
The attribute body consists of a 3Com Vendor type (1), Vendor data
length (6) and the Vendor data (4 octet integer containing the access
level value), as shown in
Figure
25.