Dell PowerConnect 5212 Addendum to the User's Guide - Page 15

RADIUS Configuration for Management Access - password

Get Dell PowerConnect 5212 PDF manuals and user guides View all Dell PowerConnect 5212 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 15 highlights

Y1836bk0.book Page 13 Tuesday, July 15, 2003 12:55 PM attributes. Standard RADIUS packets and attributes are defined in RFC 2865, RADIUS. When configuring the RADIUS server, certain attributes and values need to be specified to control the authorization of users on the switch. NOTE: The RADIUS server must be configured separately for each switch that needs to use its services. The switch and RADIUS server must be configured correctly to process authentication communications. This applies to both authentication to gain management access to the switch, and to IEEE 802.1x port authentication for network access. For the RADIUS server to communicate with the switch, the following basic parameters must first be configured on the server: • The IP address of the switch • The RADIUS secret text key used by the server and the switch • The UDP ports used to communicate with the switch (The default on the switch is port 1812.) Refer to your RADIUS server documentation for information on configuring these specific parameters. The server configuration for users and specific RADIUS attributes depend on whether authentication is for management access to the switch or for IEEE 802.1x port authentication. The configuration details for each application are in the following sections. RADIUS Configuration for Management Access Each user who requires management access to the switch must be configured on the RADIUS server. When setting up the client user database, include the following information: • User Name. • Password. • RADIUS attribute service type - This attribute (type number 6) returns the privilege level of the user to the switch. Select Administrative (value 6) for users that are allowed privileged exec access. Any other value received by the switch allows only normal exec access. The switch requires a special user name to be configured on the RADIUS server to enable privileged exec access from normal exec access using the CLI command enable. Configure a user name of $Enable with a password enable. Then set the Service-Type attribute to Administrative. NOTE: Other attributes can be configured on the RADIUS server, which if passed to the switch will be ignored. Refer to your RADIUS server documentation for information on configuring a user database and specific attributes. Documentation Update 13

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
Documentation Update
13
attributes.
Standard RADIUS packets and attributes are defined in RFC 2865, RADIUS. When
configuring the RADIUS server, certain attributes and values need to be specified to control the
authorization of users on the switch.
NOTE:
The RADIUS server must be configured separately for each switch that needs to use its services.
The switch and RADIUS server must be configured correctly to process authentication
communications. This applies to both authentication to gain management access to the switch,
and to IEEE 802.1x port authentication for network access.
For the RADIUS server to communicate with the switch, the following basic parameters must first
be configured on the server:
The IP address of the switch
The RADIUS secret text key used by the server and the switch
The UDP ports used to communicate with the switch (The default on the switch is
port 1812.)
Refer to your RADIUS server documentation for information on configuring these specific
parameters.
The server configuration for users and specific RADIUS attributes depend on whether
authentication is for management access to the switch or for IEEE 802.1x port authentication. The
configuration details for each application are in the following sections.
RADIUS Configuration for Management Access
Each user who requires management access to the switch must be configured on the RADIUS
server. When setting up the client user database, include the following information:
User Name.
Password.
RADIUS attribute service type — This attribute (type number 6) returns the privilege level of
the user to the switch. Select
Administrative
(value 6) for users that are allowed privileged
exec access. Any other value received by the switch allows only normal exec access.
The switch requires a special user name to be configured on the RADIUS server to enable
privileged exec access from normal exec access using the CLI command
enable
. Configure a user
name of
$Enable
with a password
enable
. Then set the
Service-Type
attribute to
Administrative
.
NOTE:
Other attributes can be configured on the RADIUS server, which if passed to the switch will be
ignored.
Refer to your RADIUS server documentation for information on configuring a user database and
specific attributes.
Y1836bk0.book
Page 13
Tuesday, July 15, 2003
12:55 PM