Dell PowerEdge FX2 Dell PowerEdge FN I/O Aggregator Configuration Guide 9.6(0 - Page 164
Configuration Task List for RADIUS, Defining a AAA Method List to be Used for RADIUS
View all Dell PowerEdge FX2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 164 highlights
Configuration Task List for RADIUS To authenticate users using RADIUS, you must specify at least one RADIUS server so that the system can communicate with and configure RADIUS as one of your authentication methods. The following list includes the configuration tasks for RADIUS. • Defining a AAA Method List to be Used for RADIUS (mandatory) • Applying the Method List to Terminal Lines (mandatory except when using default lists) • Specifying a RADIUS Server Host (mandatory) • Setting Global Communication Parameters for all RADIUS Server Hosts (optional) • Monitoring RADIUS (optional) For a complete listing of all Dell Networking OS commands related to RADIUS, refer to the Security chapter in the Dell Networking OS Command Reference Guide. NOTE: RADIUS authentication and authorization are done in a single step. Hence, authorization cannot be used independent of authentication. However, if you have configured RADIUS authorization and have not configured authentication, a message is logged stating this. During authorization, the next method in the list (if present) is used, or if another method is not present, an error is reported. To view the configuration, use the show config in LINE mode or the show running-config command in EXEC Privilege mode. Defining a AAA Method List to be Used for RADIUS To configure RADIUS to authenticate or authorize users on the system, create a AAA method list. Default method lists do not need to be explicitly applied to the line, so they are not mandatory. To create a method list, use the following commands. • Enter a text string (up to 16 characters long) as the name of the method list you wish to use with the RADIUS authentication method. CONFIGURATION mode aaa authentication login method-list-name radius • Create a method list with RADIUS and TACACS+ as authorization methods. CONFIGURATION mode aaa authorization exec {method-list-name | default} radius tacacs+ Typical order of methods: RADIUS, TACACS+, Local, None. If RADIUS denies authorization, the session ends (RADIUS must not be the last method specified). Applying the Method List to Terminal Lines To enable RADIUS AAA login authentication for a method list, apply it to a terminal line. To configure a terminal line for RADIUS authentication and authorization, use the following commands. • Enter LINE mode. CONFIGURATION mode line {aux 0 | console 0 | vty number [end-number]} 164 Security