Motorola WS5100 Series Reference Manual page 341

6.9.3.1 Radius Client Configuration
A Radius client implements a client/server mechanism enabling the switch to communicate with a central
server to authenticate users and authorize access to the switch managed network. A Radius client is often
an embedded device since it alleviates the need to store detailed user information locally.
To configure Radius client support:
1. Select Security
2. Ensure the Configuration
3. Select the Clients
The Clients tab displays the IP address and subnet mask of existing Radius clients.
4. To edit an existing Radius client configuration, select it from the table and click the
The Edit screen displays the Radius client's existing IP address, subnet mask and shared secret password
used for credential verification. Modify these settings as required.
5. To remove an existing Radius client configuration from the table of configurations available to the switch,
select a configuration and click the
6. To create a new Radius client configuration, click the
a. Specify the
b. Specify a Radius
Shared secrets used to verify Radius messages (with the exception of the Access-Request message)
are sent by a Radius -enabled device configured with the same shared secret. The shared secret is
a case-sensitive string that can include letters, numbers, or symbols. Make the shared secret at least
31 characters to protect the Radius server from brute-force attacks.
c. Refer to the
error messages if something is wrong in the transaction between the applet and the switch.
d. Click OK
e. Click Cancel
6.9.3.2 Radius Proxy Server Configuration
The switch can be configured to send Radius requests to a proxy radius server. A user's access request is
sent to a proxy server if it cannot be authenticated by a local server. The proxy server forwards the access
request to a proxy server that can authenticate the user. The proxy server checks the information in the user
access request and either accepts or rejects the request. If the proxy target server accepts the request, it
returns configuration information specifying the type of connection service required to authenticate the user.
To configure Radius proxy server support:
> Radius Server from the main menu.
tab is selected.
tab from the bottom portion of the Configuration tab.
Delete
IP Address/Mask of the subnet or host authenticating with the Radius client.
Shared Secret for authenticating the RADIUS client.
Status field for the current state of the requests made from applet. This field displays
to use the changes to the running configuration and close the dialog.
to close the dialog without committing updates to the running configuration
button.
Add button at the bottom of the screen.
6-71
Switch Security
Edit button.