1. Manuals
  2. Brands
  3. Raritan Manuals
  4. Switch
  5. DOMINION DKX116
  6. User manual

Implementing Radius Remote Authentication; Returning User Group Information Via Radius; Radius Communication Exchange Specifications - Raritan Dominion DKX116 User Manual

Dominion kx series
Hide thumbs Also See for Dominion DKX116:
Table of Contents

Advertisement

42

Implementing RADIUS Remote Authentication

Microsoft Active Directory can be used as source information for RADIUS authentication by installing the
Windows server component Internet Authentication Server.
If you choose RADIUS authentication protocol, complete the RADUIS fields as follows:
Authentication Type: Click on the drop-down arrow to select either CHAP or PAP protocol.
Server UDP Port / Custom UDP Port: Click on the drop-down arrow to select whether you
would prefer using standard RADIUS TCP port 1812, the legacy RADIUS TCP port 1645, or type
in your own user defined port in the Custom UDP Port field.
Remote Accounting / Custom Accounting Port: Click on the check box to send authentication
events to a RADIUS accounting server; if so, type the TCP port should be used for transmitting
events in the Custom Accounting Port.

Returning User Group Information via RADIUS

When a RADIUS authentication attempt succeeds, Dominion KX determines the permissions for a given
user based on the permissions of the user's group.
Your remote RADIUS server can provide these user group names by returning an attribute, implemented as
a RADIUS FILTER-ID. The FILTER-ID should be formatted as follows:
Raritan:G{GROUP_NAME}
where
GROUP_NAME

RADIUS Communication Exchange Specifications

Dominion KX sends the following information to RADIUS server in an authentication query:
A
TTRIBUTE
USER-NAME
USER-PASSWORD
CHAP-PASSWORD
NAS-IP-ADDRESS
NAS-IDENTIFIER
NAS-PORT-TYPE
NAS-PORT
STATE
PROXY-STATE
is a string, denoting the name of the group to which the user belongs.
The user name entered at the login screen.
In PAP mode, the encrypted password entered at the login
screen.
In CHAP mode, the CHAP protocol response computed from
the password and the CHAP challenge data.
Dominion KX's IP Address
The Dominion KX unit name as configured in "Network
Configuration" (see previous section).
The value ASYNC (0) for modem connections and
ETHERNET (15) for network connections.
Always 0.
If this request is in response to an ACCESS-CHALLENGE,
the state data from the ACCESS-CHALLENGE packet will
be returned.
If this request is in response to an ACCESS-CHALLENGE,
the proxy state data from the ACCESS-CHALLENGE packet
will be returned.
D
OMINION
D
ATA
KX U
M
SER
ANUAL

Advertisement

Table of Contents
loading

Related Manuals for Raritan Dominion DKX116

Related Content for Raritan Dominion DKX116

This manual is also suitable for:

Dominion dkx216Dominion dkx232

Table of Contents