Filter
Top Products
121
Enhancements
Release M.10.39 Enhancements
■ Enhancement (PR_1000428213) — This software enhancement adds the ability to
configure a secondary authentication method to be used when the RADIUS server is
unavailable for the primary port-access method.
RADIUS Server Unavailable
Overview
In certain situations, RADIUS servers can become isolated from the network. Users are not able to
access the network resources configured with RADIUS access protection and are rejected. To
address this situation, configuring the “authorized” secondary authentication method allows users
unconditional access to the network when the primary authentication method fails because the
RADIUS servers are unreachable.
Configuring RADIUS Authentication
You can configure the switch for RADIUS authentication through the following access methods:
■ Console: Either direct serial-port connection or modem connection.
■ Telnet: Inbound Telnet must be enabled (the default).
■ SSH: To use RADIUS for SSH access, first configure the switch for SSH operation.
■ Web: Enables RADIUS authentication for web browser interface access to the switch.
You can configure radius as the primary password authentication method for the above access
methods. You also need to select either local, none, or authorized as a secondary, or backup, method..
Caution
Configuring authorized as the secondary authentication method used when there is a failure accessing
the RADIUS servers allows clients to access the network unconditionally. Use this method with care.
Syntax: aaa authentication < console | telnet | ssh | web > < enable | login > radius
Configures RADIUS as the primary password authentication method for console, Telnet,
SSH, and the web browser interface. (The default primary < enable | login > authentica-
tion is local.)
[< local | none | authorized >]
Provides options for secondary authentication (default: none).