Technical data
Fabric OS Administrator’s Guide 3-15
Publication Number: 53-0000518-09
Setting Up RADIUS AAA Service
3
12. In the Edit Dial-in Profile window, click the Authentication tab and check only the Encrypted
Authentication (CHAP) and Unencrypted Authentication (PAP, SPAP) checkboxes; then click
the Advanced tab and click Add.
13. In the Add Attributes window, select Vendor-Specific and click Add.
14. In the Multivalued Attribute Information window, click Add.
15. In the Vendor-Specific Attribute Information window, click the Enter Vendor Code radio button
and enter the value 1588. Click the Yes. It conforms radio button, and then click Configure
Attribute....
16. In the Configure VSA (RFC compliant) window, enter the following:
Vendor-assigned attribute number Enter the value 1.
Attribute format Enter String.
Attribute value Enter the login role (root, admin, factory, switchAdmin, or user) the user group
must use to log in to the switch.
Click OK.
17. In the Multivalued Attribute Information window, click OK.
18. In the Edit Dial-in Profile window, remove all additional parameters (except the one you just
added, “Vendor-Specific”). Click OK.
19. In the Add Remote Access Policy window, click Finish. After returning to the Internet
Authentication Service window, repeat steps 5 through 19 to add additional policies for all Brocade
login types you want to use the RADIUS server. After this is done, you can configure the switch.
Configuring the Switch
RADIUS configuration of the switch is controlled by the aaaConfig command.
The following procedures show how to use the aaaConfig command to set up a switch for
RADIUS service.
N
ote
On dual-CP switches (SilkWorm 12000, 24000, and 48000), the switch sends its RADIUS request using
the IP address of the active CP. When adding clients, add both the active and standby CP IP addresses so
that users can still log in in the event of a failover.