Authentication Servers
When using an authentication server, you must configure its IP address and in most cases other
parameters before it can be used. The following authentication servers require configuration:
•
RADIUS
•
TACACS+
•
LDAP(S)|AD
•
Kerberos
•
NIS
•
DSView
To configure a RADIUS authentication server:
1.
Select Appliance Settings - Authentication - Authentication Servers to display the list of
servers.
2.
Click on RADIUS. The RADIUS Servers screen is displayed.
3.
Enter the IP addresses of the First Authentication Server and First Accounting Server.
4.
If used, enter the IP addresses for the Second Authentication Server and Second Accounting
Server.
5.
Enter your secret word or passphrase in the Secret field (applies to both first and second
authentication and accounting servers), then re-enter the secret word or passphrase in the
Confirm Secret field.
6.
Enter the desired number of seconds for server timeout in the Timeout field.
7.
Enter the desired number of retries in the Retries field.
8.
When finished, click Save.
To configure a TACACS+ authentication server:
1.
Select Appliance Settings - Authentication - Authentication Servers to display the list of
servers.
2.
Click on TACACS+. The TACACS+ Servers screen is displayed.
3.
Enter the IP addresses for the First Authentication Server and First Accounting Server.
4.
If used, enter the IP addresses of the Second Authentication Server and Second Accounting
Server.
5.
Select the desired service (PPP or raccess) from the Service pull-down menu.
6.
Enter your secret word or passphrase in the Secret field (applies to both first and second
authentication and accounting servers), then re-enter the secret word or passphrase in the
Confirm Secret field.
7.
Enter the desired number of seconds for server timeout in the Timeout field.
8.
Enter the desired number of retries in the Retries field.
Chapter 5: Configuring Security, Authentication and User Settings
41