Handbook
Error! Use the Home tab to apply θ¦εΊγ 1 to the text that you want to appear here. 20
2. Apply, verify, and save the configuration.
RADIUS authentication features
The switch supports the following RADIUS authentication features:
Supports RADIUS client on the switch, based on the protocol definitions in RFC 2138 and RFC 2866.
Allows RADIUS secret password up to 32 bytes.
Supports secondary authentication server so that when the primary authentication server is
unreachable, the switch can send client authentication requests to the secondary authentication
server. Use the /cfg/sys/radius/cur command to show the currently active RADIUS
authentication server.
Supports user-configurable RADIUS server retry and time-out values:
Time-out value = 1-10 seconds
Retries = 1-3
The switch will time out if it does not receive a response from the RADIUS server in one to three retries.
Supports user-configurable RADIUS application port. The default is 1645/User Datagram Protocol
(UDP)-based on RFC 2138. Port 1812 is also supported.
User accounts for RADIUS users
The user accounts listed in the following table can be defined in the RADIUS server dictionary file.
Table 2 User access levels
User account
Description and tasks performed
User
User interaction with the switch is completely passive; nothing can be changed on
the switch. Users may display information that has no security or privacy implications,
such as switch statistics and current operational state information.
Operator
Operators can only effect temporary changes on the switch. These changes are lost
when the switch is rebooted/reset. By default, the operator account is disabled and
has no password.
Administrator
Administrators are the only ones that can make permanent changes to the switch
configuration β changes that are persistent across a reboot/reset of the switch.
Administrators can access switch functions to configure and troubleshoot problems
on the switch level.
1. Apply
3. Save
2. Verify