Filter
Top Products
Chapter 8: User Management
119
3. Authentication Port. The default authentication port is 1812; change
as required.
4. Accounting Port. The default accounting port is 1813; change as
required.
5. Timeout (in seconds). The default timeout is 1 second; change as
required. The timeout is the length of time the Dominion KX II waits
for a response from the RADIUS server before sending another
authentication request.
6. Retries. The default number of retries is 3; change as required. This is
the number of times the Dominion KX II will send an authentication
request to the RADIUS server.
7. Global Authentication Type. Select from among the options in the
drop-down list:
PAP. With PAP, passwords are sent as plain text. PAP is not
interactive; the username and password are sent as one data
package once a connection is established, rather than the server
sending a login prompt and waiting for a response.
CHAP. With CHAP authentication can be requested by the
server at any time. CHAP provides more security than PAP.
Returning User Group Information via RADIUS
When a RADIUS authentication attempt succeeds, the Dominion KX II
device determines the permissions for a given user based on the
permissions of the user's group.
Your remote RADIUS server can provide these user group names by
returning an attribute, implemented as a RADIUS FILTER-ID. The
FILTER-ID should be formatted as follows:
Raritan:G{GROUP_NAME}
where GROUP_NAME is a string, denoting the name of the group to
which the user belongs.