Brocade Communications Systems 6650 Switch User Manual


 
Brocade ICX 6650 Security Configuration Guide 45
53-1002601-01
RADIUS security
Configuring RADIUS
Follow the procedure given below to configure a Brocade device for RADIUS.
1. Configure Brocade vendor-specific attributes on the RADIUS server. Refer to “Brocade-specific
attributes on the RADIUS server” on page 45.
2. Identify the RADIUS server to the Brocade device. Refer to “Identifying the RADIUS server to the
Brocade device” on page 47.
3. Optionally specify different servers for individual AAA functions. Refer to “Specifying different
servers for individual AAA functions” on page 48.
4. Optionally configure the RADIUS server as a “port only” server. Refer to “RADIUS server per
port” on page 48.
5. Optionally bind the RADIUS servers to ports on the Brocade device. Refer to “RADIUS server to
individual ports mapping” on page 49.
6. Set RADIUS parameters. Refer to “RADIUS parameters” on page 50.
7. Configure authentication-method lists. Refer to “Setting authentication-method lists for
RADIUS” on page 51.
8. Optionally configure RADIUS authorization. Refer to “RADIUS authorization” on page 53.
9. Optionally configure RADIUS accounting. Refer to “RADIUS accounting” on page 55.
Brocade-specific attributes on the RADIUS server
NOTE
For all Brocade devices, RADIUS Challenge is supported for 802.1x authentication but not for login
authentication.
During the RADIUS authentication process, if a user supplies a valid username and password, the
RADIUS server sends an Access-Accept packet to the Brocade device, authenticating the user.
Within the Access-Accept packet are three Brocade vendor-specific attributes that indicate:
The privilege level of the user
A list of commands
Whether the user is allowed or denied usage of the commands in the list
You must add these three Brocade vendor-specific attributes to your RADIUS server configuration,
and configure the attributes in the individual or group profiles of the users that will access the
Brocade device.
Brocade Vendor-ID is 1991, with Vendor-Type 1. The following table describes the Brocade
vendor-specific attributes.
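The following Python sketch is an added example, not part of the Brocade guide or of Brocade software. It decodes the attribute section of an Access-Accept and reports which of the three Brocade attributes (Vendor-ID 1991) a user profile actually returns. Assumptions: the sub-attribute numbers 1, 2 and 3 and their short names follow the publicly distributed Foundry RADIUS dictionary rather than this page, the function names are hypothetical, and the sample bytes are constructed.

```python
import struct

BROCADE_VENDOR_ID = 1991   # Vendor-ID stated in the guide
VENDOR_SPECIFIC = 26       # RFC 2865 Vendor-Specific attribute type
# Assumed sub-attribute numbers and names (public Foundry dictionary, not this page).
SUBATTRS = {1: "privilege-level", 2: "command-string", 3: "command-exception-flag"}

def parse_brocade_vsas(attrs: bytes) -> dict:
    """Walk the attributes of an Access-Accept and return the Brocade VSAs found."""
    found, i = {}, 0
    while i < len(attrs):
        if len(attrs) - i < 2:
            raise ValueError("truncated attribute header")
        a_type, a_len = attrs[i], attrs[i + 1]
        if a_len < 2 or i + a_len > len(attrs):
            raise ValueError("bad attribute length")
        value = attrs[i + 2:i + a_len]
        i += a_len
        if a_type != VENDOR_SPECIFIC or len(value) < 4:
            continue
        if struct.unpack("!I", value[:4])[0] != BROCADE_VENDOR_ID:
            continue                      # another vendor's VSA
        sub, j = value[4:], 0
        while j < len(sub):               # Vendor-Type, Vendor-Length, data
            if len(sub) - j < 2 or sub[j + 1] < 2 or j + sub[j + 1] > len(sub):
                raise ValueError("bad vendor sub-attribute length")
            v_type, v_len = sub[j], sub[j + 1]
            data = sub[j + 2:j + v_len]
            j += v_len
            name = SUBATTRS.get(v_type)
            if name == "command-string":
                found[name] = data.decode("ascii", "replace")
            elif name and len(data) == 4:  # integer attributes are 32-bit
                found[name] = struct.unpack("!I", data)[0]
    return found

def audit(found: dict) -> list:
    """Return the names of the three attributes the Access-Accept did not carry."""
    return sorted(set(SUBATTRS.values()) - set(found))

def vsa(v_type: int, data: bytes) -> bytes:
    """Build one Vendor-Specific attribute holding a single Brocade sub-attribute."""
    body = struct.pack("!I", BROCADE_VENDOR_ID) + bytes([v_type, len(data) + 2]) + data
    return bytes([VENDOR_SPECIFIC, len(body) + 2]) + body

# Constructed sample: User-Name, a privilege level and a command list, no flag.
SAMPLE = (bytes([1, 7]) + b"alice" + vsa(1, struct.pack("!I", 5))
          + vsa(2, b"show*;ping*"))
```

Running audit(parse_brocade_vsas(SAMPLE)) on the constructed sample reports the missing command-exception-flag, the kind of incomplete profile that is worth catching on the RADIUS server before the user logs in to the device.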