Dell 6200 SERIES Computer Accessories User Manual

Open as PDF

of 176

118 Device Security

attributes containing configuration information. If the server rejects the user, it returns a negative result.

If the server rejects the client or the shared “secrets” differ, the server returns no result. If the server

requires additional verification from the user, it returns a challenge, and the request process begins again.

If you use a RADIUS server to authenticate users, you must configure user attributes in the user database

on the RADIUS server. The user attributes include the user name, password, and privilege level.

NOTE: To set the privilege level, use the Service-Type attribute. Do not us any vendor-specific attribute

value pairs.

The following example shows an entry in the FreeRADIUS /etc/raddb/users file that allows a

user (name: admin) to log onto the switch with read/write privileges, which is equivalent to privilege level

15.

admin Auth-Type := Local,

User-Password == "pass1234"

Service-Type = NAS-Prompt-User

enable Auth-Type := Local,

User-Password == "pass5678"

Service-Type = Administrative-User

The values for the Service-Type attribute are as follows:

•

NAS-Prompt-User

indicates the user should be provided a command prompt on the NAS, from

which nonprivileged commands can be executed.

•

Administrative-User

indicates the user should be granted access to the administrative

interface to the NAS, from which privileged commands can be executed.

RADIUS Configuration Examples

This section contains examples of commands used to configure RADIUS settings on the switch.

Example #1: Basic RADIUS Server Configuration

This example configures two RADIUS servers at 10.10.10.10 and 11.11.11.11. Each server has a unique

shared secret key. The shared secrets are configured to be

secret1

and

secret2

respectively. The server at

10.10.10.10 is configured as the primary server. The process creates a new authentication list, called

radiusList, which uses RADIUS as the primary authentication method, and local authentication as a

backup method in the event that the RADIUS server cannot be contacted.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Dell 6200 SERIES Computer Accessories User Manual