Intel 480T Switch User Manual


 
C H A P T E R 5 Accessing the Switch
67
and then to the secondary RADIUS server, if the primary does not
respond.
If the RADIUS client is enabled, but access to the RADIUS primary
and secondary servers fail, the routing switch uses its local database
for authentication.
The privileges assigned to the user (admin versus non-admin) at the
RADIUS server take precedence over the configuration in the local
switch database.
Per-Command Authentication Using RADIUS
Use RADIUS to perform per-command authentication. Per-
command authentication allows you to define several levels of user
capabilities that determine which set of commands the user has
access to based on the RADIUS username and password.
There is no need to configure any additional switch parameters to
take advantage of this capability. The RADIUS server
implementation automatically negotiates the per-command
authentication capability with the switch.
Configuring RADIUS Client
You can define primary and secondary server communication
information. Also for each RADIUS server, you can specify the
RADIUS port number to use when talking to the RADIUS server.
The default port value is 1645. The client IP address is the IP
address used by the RADIUS server for communicating with the
480T routing switch.
RADIUS commands are described in Table 5.9. Press the Tab key
in the command line interface for more command options.