Setup Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

921

922

923

924

925

926

927

928

929

930

• The administrator changes the idle-time of the line on which the user has logged in.

• The idle-time is lower than the RADIUS-returned idle-time.

ACL Conguration Information

The RADIUS server can specify an ACL. If an ACL is congured on the RADIUS server, and if that ACL is present, the user may be allowed

access based on that ACL.

If the ACL is absent, authorization fails, and a message is logged indicating this.

RADIUS can specify an ACL for the user if both of the following are true:

• If an ACL is absent.

• If there is a very long delay for an entry, or a denied entry because of an ACL, and a message is logged.

NOTE: The ACL name must be a string. Only standard ACLs in authorization (both RADIUS and TACACS) are supported.

Authorization is denied in cases using Extended ACLs.

Auto-Command

You can congure the system through the RADIUS server to automatically execute a command when you connect to a specic line.

The auto-command command is executed when the user is authenticated and before the prompt appears to the user.

• Automatically execute a command.

auto-command

Privilege Levels

Through the RADIUS server, you can congure a privilege level for the user to enter into when they connect to a session.

This value is congured on the client system.

• Set a privilege level.

privilege level

Conguration Task List for RADIUS

To authenticate users using RADIUS, you must specify at least one RADIUS server so that the system can communicate with and congure

RADIUS as one of your authentication methods.

The following list includes the conguration tasks for RADIUS.

• Dening a AAA Method List to be Used for RADIUS (mandatory)

• Applying the Method List to Terminal Lines (mandatory except when using default lists)

• Specifying a RADIUS Server Host (mandatory)

• Setting Global Communication Parameters for all RADIUS Server Hosts (optional)

• Monitoring RADIUS (optional)

For a complete listing of supported RADIUS commands, refer to the Security chapter in the Dell Networking OS Command Reference

Guide.

NOTE

: RADIUS authentication and authorization are done in a single step. Hence, authorization cannot be used independent of

authentication. However, if you have congured RADIUS authorization and have not congured authentication, a message is

logged stating this. During authorization, the next method in the list (if present) is used, or if another method is not present, an

error is reported.

Security 925