Nortel Networks 212777 Network Router User Manual


 
Web OS 10.0 Application Guide
Chapter 5: Secure Switch Management
212777-A, February 2002
RADIUS Authentication Features in Web OS
The following RADIUS authentication features are supported in Web OS:
- Supports RADIUS client on the switch, based on the protocol definitions in RFC 2138 and
  2866.
- Enables/disables support of RADIUS authentication and authorization.
  The default disables the use of RADIUS for authentication and authorization.
- Allows RADIUS secret password up to 32 bytes and less than 16 octets.
- Supports secondary authentication server so that when the primary authentication server
  is unreachable, the switch can send client authentication requests to the secondary
  authentication server.
  Use the /cfg/sys/radius/cur command to show the currently active RADIUS
  authentication server.
- Supports user-configurable RADIUS server retry and time-out values.
  The parameters are:
    Time-out value = 1-10 seconds
    Retries = 1-3
  The switch will time out if it does not receive a response from the RADIUS server in 1-3
  retries. The switch will also automatically retry connecting to the RADIUS server before it
  declares the server down.
- Supports user-configurable RADIUS application port.
  The default is 1645/UDP based on RFC 2138. Port 1812 is also supported.
- Allows network administrator to define privileges for one or more specific users to access
  the switch at the RADIUS user database.
- SecurID is supported if the RADIUS server can do an ACE/Server client proxy. The password
  is the PIN number, plus the token code of the SecurID card.