Administrator Guide

ManualsBrandsDell ManualsserversDell Force10 MXL Blade

681

682

683

684

685

686

687

688

689

690

• If an ACL is absent.

• If there is a very long delay for an entry, or a denied entry because of an ACL, and a message is logged.

NOTE: The ACL name must be a string. Only standard ACLs in authorization (both RADIUS and TACACS) are supported.

Authorization is denied in cases using Extended ACLs.

Auto-Command

You can congure the system through the RADIUS server to automatically execute a command when you connect to a specic line.

The auto-command command is executed when the user is authenticated and before the prompt appears to the user.

• Automatically execute a command.

auto-command

Setting Access to Privilege Levels through RADIUS

To congure a privilege level for the user to enter into when they connect to a session, use the following command.

Congure a privilege level for the user to enter into when they connect to a session through the RADIUS server.

privilege level

Congure this value on the client system.

Conguration Task List for RADIUS

To authenticate users using RADIUS, you must specify at least one RADIUS server so that the system can communicate with and

congure RADIUS as one of your authentication methods.

The following list includes the conguration tasks for RADIUS.

• Dening a AAA Method List to be Used for RADIUS (mandatory)

• Applying the Method List to Terminal Lines (mandatory except when using default lists)

• Specifying a RADIUS Server Host (mandatory)

• Setting Global Communication Parameters for all RADIUS Server Hosts (optional)

• Monitoring RADIUS (optional)

For a complete listing of all Dell Networking OS commands related to RADIUS, refer to the Security chapter in the Dell Networking

OS Command Reference Guide.

NOTE: RADIUS authentication and authorization are done in a single step. Hence, authorization cannot be used

independent of authentication. However, if you have congured RADIUS authorization and have not congured

authentication, a message is logged stating this. During authorization, the next method in the list (if present) is used, or

if another method is not present, an error is reported.

To view the conguration, use the show config in LINE mode or the show running-config command in EXEC Privilege

mode.

Dening a AAA Method List to be Used for RADIUS

To congure RADIUS to authenticate or authorize users on the system, create a AAA method list.

Default method lists do not need to be explicitly applied to the line, so they are not mandatory.

To create a method list, use the following commands.

• Enter a text string (up to 16 characters long) as the name of the method list you wish to use with the RADIUS authentication

method.

CONFIGURATION mode

aaa authentication login method-list-name radius

• Create a method list with RADIUS and TACACS+ as authorization methods.

CONFIGURATION mode

686

Security