Raritan Computer TR361 Switch User Manual


 
58 IP-REACH USER MANUAL
6. If you are appointing Remote Accounting, in the Authentication and Accounting screen, <TAB> to
the Enable Remote Accounting field, and press <SPACE BAR> to toggle to RADIUS.
7. When finished, press <ENTER> to save your changes, or press <ESC> to exit without saving Remote
Authentication configurations.
Implementing LDAP Remote Authentication
Reminder: Microsoft Active Directory functions natively as an LDAP authentication server.
If you choose LDAP authentication protocol, complete the LDAP fields as follows:
Use Secure LDAP: Apply this rule to enables LDAP-S, which ensures that all authentication
requests and replies transmitted over the network are encrypted.
Default Port / User Defined Port: Select an option button to choose whether you would like to
use the standard LDAP TCP ports, or specify your own user defined port.
Base DN, Base Search, and Certificate File: Consult your authentication server administrator for
the appropriate values to type into these fields in order to process LDAP authentication queries
from IP-Reach.
Returning User Group Information via LDAP
When an LDAP authentication attempt succeeds, IP-Reach determines the permissions for a given user
based on the permissions of the user’s group. Your remote LDAP server can provide these user group
names by returning an attribute named as follows:
rciusergroup attribute type: string
This may require a schema extension on your LDAP server. Please consult your authentication server
administrator to enable this attribute.
Implementing RADIUS Remote Authentication
Microsoft Active Directory can be used as source information for RADIUS authentication by installing the
Windows server component Internet Authentication Server.
If you choose RADIUS authentication protocol, complete the RADIS fields as follows:
Authentication Type: Click on the drop-down arrow to select either CHAP or PAP protocol.
Server UDP Port / Custom UDP Port: Click on the drop-down arrow to select whether you
would prefer using standard RADIUS TCP port 1812, the legacy RADIUS TCP port 1645, or type
in your own user defined port in the Custom UDP Port field.
Remote Accounting / Custom Accounting Port: Click on the check box to send authentication
events to a RADIUS accounting server; if so, type the TCP port should be used for transmitting
events in the Custom Accounting Port.