User Authentication; Network Login - Extreme Networks ExtremeWare Command Reference Manual

Security Commands
3 Add entries to the access profile.
4 Apply the access profile.
Route maps are used to modify or filter routes redistributed between two routing domains. They are also
used to modify or filter the routing information exchanged between the domains.
To use route maps, follow these steps:
1 Create a route map.
2 Add entries to the route map.
3 Add statements to the route map entries.
SSH
Secure Shell 2 (SSH2) is a feature of ExtremeWare that allows you to encrypt session data between a
network administrator using SSH2 client software and the switch, or to send encrypted data from the
switch to an SSH2 client on a remote system. Image and configuration files may also be transferred to
the switch using the Secure Copy Program 2 (SCP2)

User Authentication

Remote Authentication Dial In User Service (RADIUS, RFC 2138) is a mechanism for authenticating and
centrally administrating access to network nodes. The ExtremeWare RADIUS client implementation
allows authentication for Telnet, Vista, or console access to the switch.
Extreme switches are also capable of sending RADIUS accounting information. You can configure
RADIUS accounting servers to be the same as the authentication servers, but this is not required.
Terminal Access Controller Access Control System Plus (TACACS+) is a mechanism for providing
authentication, authorization, and accounting on a centralized server, similar in function to the RADIUS
client. The ExtremeWare version of TACACS+ is used to authenticate prospective users who are
attempting to administer the switch. TACACS+ is used to communicate between the switch and an
authentication database.
NOTE
You cannot use RADIUS and TACACS+ at the same time.

Network Login

Network Login is a feature designed to control the admission of user packets into a network by giving
network access only to users that have been properly authenticated. Network Login is controlled by an
administrator on a per port, per VLAN basis and uses an integration of DHCP, user authentication over
the web interface or 802.1x client software, and, a RADIUS server to provide a user database or specific
configuration details.
Network Login has two modes of operation:
762 ExtremeWare Software 7.3.0 Command Reference Guide