User's manual

H.323 User's Manual, 13. Security
Version 5.0, page 335, December 2006
2. If access levels are required, set up a VSA dictionary for the RADIUS server and
select an attribute ID that represents each user's access level. The following example
shows a dictionary file for FreeRADIUS that defines the attribute ‘ACL-Auth-Level’ with
ID=35.
Figure 13-12: Example of a Dictionary File for FreeRADIUS (FreeRADIUS Client Configuration)
#
# AudioCodes VSA dictionary
#
VENDOR      AudioCodes      5003
ATTRIBUTE   ACL-Auth-Level  35      integer     AudioCodes
VALUE       ACL-Auth-Level  ACL-Auth-UserLevel           50
VALUE       ACL-Auth-Level  ACL-Auth-AdminLevel          100
VALUE       ACL-Auth-Level  ACL-Auth-SecurityAdminLevel  200
3. In the RADIUS server, define the list of users authorized to use the gateway, using
one of the password authentication methods supported by the server implementation.
The following example shows a user configuration file for FreeRADIUS using a plain-
text password.
Figure 13-13: Example of a User Configuration File for FreeRADIUS Using a Plain-Text
Password
# users - local user configuration database
john    Auth-Type := Local, User-Password == "qwerty"
        Service-Type = Login-User,
        ACL-Auth-Level = ACL-Auth-SecurityAdminLevel
larry   Auth-Type := Local, User-Password == "123456"
        Service-Type = Login-User,
        ACL-Auth-Level = ACL-Auth-UserLevel
4. Record and retain the IP address, port number, ‘shared secret’, vendor ID and VSA
access level identifier (if access levels are used) used by the RADIUS server.
5. Configure the gateway’s relevant parameters according to Section 13.3.2.
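The ACL-Auth-Level attribute defined in the dictionary file is sent in the server's reply as a standard RADIUS Vendor-Specific attribute (type 26, RFC 2865). The following Python code is an added example, not part of the original manual or of AudioCodes software; it encodes and parses that attribute so the bytes of a captured Access-Accept can be checked for the expected access level. The function names and the sample bytes are constructed for illustration.

```python
import struct

VENDOR_SPECIFIC = 26         # RADIUS attribute type for VSAs (RFC 2865)
AUDIOCODES_VENDOR_ID = 5003  # VENDOR line of the dictionary file
ACL_AUTH_LEVEL = 35          # ATTRIBUTE ID of ACL-Auth-Level
LEVELS = {50: "ACL-Auth-UserLevel", 100: "ACL-Auth-AdminLevel",
          200: "ACL-Auth-SecurityAdminLevel"}

def encode_level(level):
    """Build the Vendor-Specific attribute carrying one access level."""
    sub = struct.pack("!BBI", ACL_AUTH_LEVEL, 6, level)  # ID, length, integer
    return struct.pack("!BBI", VENDOR_SPECIFIC, 6 + len(sub),
                       AUDIOCODES_VENDOR_ID) + sub

def parse_level(attrs):
    """Return (value, name) for ACL-Auth-Level in raw attribute bytes, or None.

    Malformed lengths raise ValueError instead of being guessed at.
    """
    pos = 0
    while pos < len(attrs):
        if pos + 2 > len(attrs):
            raise ValueError("truncated attribute header")
        atype, alen = attrs[pos], attrs[pos + 1]
        if alen < 2 or pos + alen > len(attrs):
            raise ValueError("bad attribute length")
        body, pos = attrs[pos + 2:pos + alen], pos + alen
        if atype != VENDOR_SPECIFIC or len(body) < 4:
            continue
        if struct.unpack("!I", body[:4])[0] != AUDIOCODES_VENDOR_ID:
            continue  # another vendor's VSA
        sub = body[4:]
        while sub:
            if len(sub) < 2 or sub[1] < 2 or sub[1] > len(sub):
                raise ValueError("bad vendor sub-attribute length")
            if sub[0] == ACL_AUTH_LEVEL:
                if sub[1] != 6:
                    raise ValueError("ACL-Auth-Level is not a 4-byte integer")
                value = struct.unpack("!I", sub[2:6])[0]
                return value, LEVELS.get(value, "undefined level")
            sub = sub[sub[1]:]
    return None

# Constructed sample: the reply items of user 'john' as they would appear in
# an Access-Accept (Service-Type = Login-User, then the AudioCodes VSA).
SAMPLE = struct.pack("!BBI", 6, 6, 1) + encode_level(200)

if __name__ == "__main__":
    print(parse_level(SAMPLE))
```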
13.3.2 Configuring RADIUS Support
For information on the RADIUS parameters, refer to Table 5-35 on page 168.
To configure RADIUS support on the gateway via the Embedded
Web Server, take these 13 steps:
1. Access the Embedded Web Server (refer to Section 5.3 on page 57).
2. Open the ‘General Security Settings’ screen (Advanced Configuration menu >
Security Settings > General Security Settings option); the ‘General Security
Settings’ screen is displayed.
3. Under section ‘General RADIUS Settings’, in the field ‘Enable RADIUS Access
Control’, select ‘Enable’; the RADIUS application is enabled.
4. In the field ‘Use RADIUS for Web / Telnet Login’, select ‘Enable’; RADIUS
authentication is enabled for Web and Telnet login.
5. Enter the RADIUS server IP address, port number and shared secret in the relevant
fields.