Support User Manuals

Raritan Computer TR361 Switch User Manual

Open as PDF

of 84

58 IP-REACH USER MANUAL

6. If you are appointing Remote Accounting, in the Authentication and Accounting screen, <TAB> to

the Enable Remote Accounting field, and press <SPACE BAR> to toggle to RADIUS.

7. When finished, press <ENTER> to save your changes, or press <ESC> to exit without saving Remote

Authentication configurations.

Implementing LDAP Remote Authentication

Reminder: Microsoft Active Directory functions natively as an LDAP authentication server.

If you choose LDAP authentication protocol, complete the LDAP fields as follows:

− Use Secure LDAP: Apply this rule to enables LDAP-S, which ensures that all authentication

requests and replies transmitted over the network are encrypted.

− Default Port / User Defined Port: Select an option button to choose whether you would like to

use the standard LDAP TCP ports, or specify your own user defined port.

− Base DN, Base Search, and Certificate File: Consult your authentication server administrator for

the appropriate values to type into these fields in order to process LDAP authentication queries

from IP-Reach.

Returning User Group Information via LDAP

When an LDAP authentication attempt succeeds, IP-Reach determines the permissions for a given user

based on the permissions of the user’s group. Your remote LDAP server can provide these user group

names by returning an attribute named as follows:

rciusergroup attribute type: string

This may require a schema extension on your LDAP server. Please consult your authentication server

administrator to enable this attribute.

Implementing RADIUS Remote Authentication

Microsoft Active Directory can be used as source information for RADIUS authentication by installing the

Windows server component Internet Authentication Server.

If you choose RADIUS authentication protocol, complete the RADIS fields as follows:

− Authentication Type: Click on the drop-down arrow to select either CHAP or PAP protocol.

− Server UDP Port / Custom UDP Port: Click on the drop-down arrow to select whether you

would prefer using standard RADIUS TCP port 1812, the legacy RADIUS TCP port 1645, or type

in your own user defined port in the Custom UDP Port field.

− Remote Accounting / Custom Accounting Port: Click on the check box to send authentication

events to a RADIUS accounting server; if so, type the TCP port should be used for transmitting

events in the Custom Accounting Port.

previous next