Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsSwitch4100
61626364656667686970
3-14 Fabric OS Administrator’s Guide
Publication Number: 53-0000518-09
Setting Up RADIUS AAA Service
3
To configure the RADIUS server
1. From the Windows Start menu, select Programs> Administrative Tools>Internet
Authentication Service to open the Internet Authentication Service window.
2. In the Internet Authentication Service window, right-click the Clients folder and select New Client
from the pop-up menu.
3. In the Add Client window, provide the following:
Friendly name The Friendly name should be an alias that is easily recognizable as the switch to
which you are connecting.
Protocol Select RADIUS as the protocol.
4. In the Add RADIUS Client window, provide the following:
Client address (IP or DNS) Enter the IP address of the switch.
Client-Vendor Select RADIUS Standard.
Shared secret Provide a password. Shared secret is a password used between the client device
and server to prevent IP address spoofing by unwanted clients. Keep your shared
secret password in a safe place. You will need to enter this password in the switch
configuration.
After clicking Finish, repeat steps 2 through 4 for all switches on which RADIUS authentication
will be used.
5. In the Internet Authentication Service window, right-click the Remote Access Policies folder; then
select New Remote Access Policy from the pop-up window.
A remote access policy must be created for each Brocade login role (root, admin, factory,
switchAdmin, and user) for which you want to use RADIUS. Apply this policy to the user groups
that you already created.
6. In the Add Remote Access Policy window, enter an easily identifiable Policy friendly name that
will enable you to see the switch login for which the policy is being created; then click Next.
7. After the Add Remote Access Policy window refreshes, click Add.
8. In the Select Attribute window, select Windows Groups and click Add.
9. In the Groups window, click Add.
10. In the Select Groups window, select the user-defined group for which you are creating a policy and
click Add. After adding all appropriate groups, click OK. In the Groups window, click OK.
11. In the Add Remote Access Policy window, confirm that the “Conditions” section displays the
group(s) that you selected and click Next.
After the Add Remote Access Policy window refreshes, select the Grant remote access
permission radio button and click Next.
After the Add Remote Access Policy window refreshes again, click Edit Profile.
N
ote
A client is the device that uses the RADIUS server; in this case, it is the switch.