| Device Manager Online Help
|
  
|
Enabling RADIUS authentication
Remote Authentication Dial In User Service (RADIUS) allows the remote RADIUS server rather than the switch to authenticate logins. The RADIUS server also provides access authority. The Passport software supports BaySecureTMAccess Control (BSAC) and the Port Authority RADIUS server.
RADIUS assists network security, authorization, and accounting by managing a database of users. Use of the database allows the switch to verify user names and passwords as well as information about the type of service available to the user such as Rlogin or Telnet.
The RADIUS software provides the following features:
- Additional user names
| You can use additional user names to access the switch, in addition to the five existing user names of ro, r2,11, 12,13, and rwa. The RADIUS server authenticates the user name and assigns one of the existing access priorities to that name. Unauthenticated user names are denied access to the switch. |
- User configurability
| Up to 10 RADIUS servers in each switch for fault tolerance (Each server is assigned a priority and is contacted in that order.) |
- A secret key for each server to authenticate the RADIUS client
- The server's UDP port
- Maximum retries allowed
- Timeout period for each attempt
- Changeable passwords
| Users can change passwords by logging in to the RADIUS server. However, access priorities are not configurable by individual users: access privileges are maintained by the system administrator. |