Support User Manuals

Avocent ACS 5000 Server User Manual

Open as PDF

of 161

To configure a RADIUS authentication server:

Perform the following procedure to configure a RADIUS authentication server when the

console server or any of its ports are configured to use RADIUS authentication method or any

of its variations (Local/RADIUS, RADIUS/Local or RADIUS/DownLocal).

1. Go to Security - Authentication - RADIUS in Expert mode.

2. Fill in the form according to your local RADIUS server configuration.

3. Click apply changes.

Group authorization on RADIUS

Group information retrieval from a RADIUS authentication server adds another layer of security

by adding a network-based authorization. It retrieves the group information from the

authentication server and performs an authorization through the console server.

NOTE: Whenconfiguring theRADIUSauthenticationserver,selecttheEnableService-Typeattribute checking

checkboxto authorizethe consoleserver toretrievethe levelofthe user (adminor regular) basedon the Service-

Type attribute fromtheRADIUS server. Deselectthe checkboxto authorizethe consoleserver toretrievethe level

ofuser basedonthe group_nameattributesentbythe RADIUSserver.

To configure a TACACS+ authentication server:

Perform the following procedure to configure a TACACS+ authentication server when the

console server or any of its ports are configured to use TACACS+ authentication method or any

of its variations (Local/TACACS+, TACACS+/Local or TACACS+/DownLocal).

1. Go to Security - Authentication - TACACS+ in Expert mode. The TACACS+ form displays.

2. Fill in the form according to your local TACACS+ server configuration.

3. To apply Authorization in addition to authentication to the box and ports, select the

Enable Raccess Authorization checkbox.

By default, Raccess Authorization is disabled and no additional authorization is

implemented. When Raccess Authorization is enabled, the authorization level of users

trying to access the console server or its ports using TACACS+ authentication is

checked. Users with administrator privileges have administrative access and users with

regular user privileges have regular user access.

4. To specify a time-out period in seconds for each authentication attempt, type a number in

the Timeout field.

If the authentication server does not respond to the client’s login attempt before the

specified time period, the login attempt is cancelled. The user may retry depending on

the number specified in the Retries field on this form.

94 Cyclades

®

ACS5000 Installation/Administration/User Guide

previous next