Filter
Top Products
Radius commands 3 Configuration commands
96 NN47928-107
radius client
External authentication of passwords can be configured, providing
additional security for user log ins to the BSGX4e. When a password is
externally authenticated, the radius client in the BSGX4e sends the log in
password to an external server for authentication.
When external authentication is used for a user account, the external
server defines the password required for log in using the account. The
password command can change the internal password stored for the
account, but the internal password is not used for authentication, thus the
effective password is not changed.
The RADIUS client is compatible with standard RADIUS servers. The client
maps RADIUS authentication records to users by their user account name.
Up to twenty RADIUS authentication records are supported.
Note: Disabling its authentication record suspends RADIUS authentication
for a user account. This prevents log ins by the user account until either its
authentication record is re-enabled or its authentication method (auth
value) is changed.
After a user account is configured to use RADIUS authentication, a RADIUS
authentication record must be configured for that user account. Every user
account that uses RADIUS password authentication must have its own
RADIUS authentication record.
Note: The user account must be configured before the corresponding
RADIUS authentication record is configured. See user accounts on page
169 for details on user accounts. Deleting the user account also deletes its
authentication record.
The following command configures the RADIUS authentication record.
Syntax config radius client <name> enabled [yes|no] auto
[yes|no] authserver <ip address|fqdn> secret <string>
binadaddr <ip address> interface [eth0|eth1|none]
Parameters user name Enter the name of the user account to which
the authentication record applies. The user
account must specify radius authentication.
enabled yes|no Enable/disable the RADIUS client for the user.
The default is no.
auto yes|no Automatically bind the client to the interface
specified by the interface parameter if DHCP is
in use. Specify yes if DHCP is in use. The
default is no.
authserver ip address|fqdn
Enter a FQDN or IP address of the RADIUS
authorization server that the client references.
secret string Enter a shared secret for the client as
determined by the server.
bindaddr ip address