Owner's manual
4-38 WS5100 Series Switch System Reference Guide
7. Refer to the Accounting field and define the following credentials for a primary and secondary Radius
Server.
8. Select the Re-authentication checkbox to force periodic re-authentication with the Radius server.
Periodic repetition of the authentication process provides ongoing security for current authorized
connections. Define an interval between 30 and 65535 seconds.
9. Refer to the Advanced field to define the authentication protocol used with the Radius Server.
10.Click OK to save the changes made to this screen.
11.Click Cancel to revert back to the last saved configuration and move back to the
Network > Wireless LANs > Edit screen.
Configuring an External Radius Server for Optimal Switch Support
The switch’s external Radius Server should be configured with switch specific attributes to best utilize the
user privilege values assignable by the Radius Server. The following two values should be configured on the
external Radius Server for optimal use with the switch:
• Motorola user privilege values
• User login source
Accounting Server
Address
Enter the IP address of the primary and secondary server acting as the Radius accounting
server.
Accounting Port Enter the TCP/IP port number for the primary and secondary server acting as the Radius
accounting data source. The default port is 1813.
Accounting Shared
Secret
Provide a shared secret (password) for user credential authentication with the primary or
secondary Radius accounting server.
Accounting Timeout Enter a value (between 1 and 300 seconds) to indicate the number of elapsed seconds
causing the switch to time out on a request to the primary or secondary accounting server.
Accounting Retries Enter a value between 1 and 100 to indicate the number of times the switch attempts to
reach the primary or secondary Radius accounting server before giving up.
Accounting Mode Use the Accounting Mode drop-down menu to define the accounting mode as either
Start-
Stop
, Stop Only or Start-Interim-Stop. Define the interval (in seconds) used with the
selected accounting mode.
PAP PAP - Password Authentication Protocol sends a username and password over a network to
a server that compares the username and password to a table of authorized users. If the
username and password are matched in the table, server access is authorized.
CHAP CHAP is an encrypted authentication method based on Microsoft's challenge/response
authentication protocol.
DSCP/TOS Optionally mark packets with a DiffServ CodePoint (DSCP) in its header. The DSCP value is
stored in the first 6 bits of the Type of Service (ToS) field that is part of the standard IP header.
The DCSP values are associated with a forwarding treatment called Per Hop Behaviors (PHB).
Service can be provisioned (if necessary) by assigning a DCSP point code from 1 - 6.