Chapter 8 User Authentication
40 Avaya P332GT-ML User’s Guide
All transactions between the RADIUS client and server are authenticated through
the use of a “shared secret” which is not sent over the network. The shared secret is
an authentication password configured on both the RADIUS client and its RADIUS
servers. The shared secret is stored as clear text in the client’s file on the RADIUS
server, and in the non-volatile memory of the P330. In addition, user passwords are
sent between the client and server are encrypted for increased security.
Figure 8.1 illustrates the RADIUS authentication procedure:
Figure 8.1 RADIUS Authentication Procedure
User attempts login
Local User
account
authenticated in
switch?
Perform log-in according
to user's priviliege level
to switch
Yes
Authentication
request sent to
RADIUS Server
No
User name and
password
authenticated?
Yes
Authentication Reject
sent to switch
User cannot access switch
embedded managegment
No