Foundry Networks Switch and Router Installation And Configuration Manual page 109

17. Select the type of access for which you are defining the authentication method list from the Type field's
pulldown menu. Each type of access must have a separate authentication-method list. For example, to
define the authentication-method list for logging into the CLI, select Login.
18. Select the primary authentication method by clicking on the radio button next to the method. For example, to
use a RADIUS server as the primary means of authentication for logging on to the CLI, select RADIUS.
19. Click the Add button to save the change to the device's running-config file.
The access type and authentication method you selected are displayed in the table at the top of the dialog.
Each time you add an authentication method for a given access type, the software assigns a sequence
number to the entry. When the user tries to log in using the access type you selected, the software tries the
authentication sources in ascending sequence order until the access request is either approved or denied.
Each time you add an entry for a given access type, the software increments the sequence number. Thus, if
you want to use multiple authentication methods, make sure you enter the primary authentication method
first, the secondary authentication method second, and so on.
If you need to delete an entry, select the access type and authentication method for the entry, then click
Delete.
20. Click Home to return to the System configuration panel, then select the Save link at the bottom of the dialog.
Select Yes when prompted to save the configuration change to the startup-config file on the device's flash
memory.
21. To configure RADIUS command authorization, select the Management link to display the Management panel
and select the Authorization Methods link to display the Authorization Method panel, as shown in the following
example.
22. Select Commands from the Type field's pulldown menu.
23. Select a privilege level by clicking on one of the following radio buttons:
• 0 – Authorization is performed for commands available at the Super User level (all commands)
• 4 – Authorization is performed for commands available at the Port Configuration level (port-config and
read-only commands)
• 5 – Authorization is performed for commands available at the Read Only level (read-only commands)
December 2000
Securing Access to Management Functions
3 - 45