Changing RADIUS parameters
The following commands are optional:
Use the set radius authentication retry-number command to set the number
●
of times to resend an access request when there is no response.
Use the set radius authentication retry-time command to set the time to wait
●
before resending an access request.
Use the set radius authentication udp-port command to set the RFC 2138
●
approved UDP port number. Normally, the UDP port number should be set to its default
value of 1812. Some early implementations of the RADIUS server used port number 1645.
Disabling RADIUS authentication
Use the set radius authentication disable command to disable RADIUS
authentication on the G250/G350.
Displaying RADIUS parameters
Use the show radius authentication command. Shared secrets are not displayed.
802.1x protocol
The 802.1x protocol is a method for performing authentication to obtain access to the G250/
G350's LAN ports. 802.1x provides a means of authenticating and authorizing users attached to
a LAN port and of preventing access to that port in cases where the authentication process fails.
On the G350, you can enable 802.1x on the MM314 and MM316 media modules' 10/100
Ethernet ports. On the G250, you can enable 802.1x on the eight Ethernet LAN PoE ports
located on the G250's front panel.
Note:
You cannot enable 802.1x on the MM314/MM316 media modules' Gigabit
Note:
Ethernet port (port 51). Also, 802.1x is not available on the G250-DCP.
The 802.1x application complies with the existing IEEE Port Based Network Control standard to
perform its authentication operation. Specifically, it makes use of Extensible Authentication
Protocol (EAP) messages encapsulated within Ethernet frames (EAPOL), and EAP over
RADIUS for the communication between the Authenticator and the Authentication Server.
Note:
The G250/G350 supports the following EAP types: MD5, PEAP, TTLS, and TLS.
Note:
Managing login permissions
Issue 3 February 2007
49