Motorola Series Switch WS5100 User Manual

Switch Security

6-51

2. Click the

Authentication

tab.

3. Define whether the IPSec VPN user authentication is conducted using a Radius Server (by selecting the

Radius

radio button), by a user-defined set of names and password (by selecting the

User Table

radio

button) or if no authentication is used for credential verification (by selecting the

No Authentication

radio button).

4. Enter a

NAS ID

for the NAS port.

The profile database on the Radius server consists of user profiles for each physical network access
server (NAS) port connected. Every profile contains a profile matched to a username representing a
physical port. When the switch authorizes users, it queries the user profile database using a username
representative of the physical NAS port making the connection.

5. If the

Radius Server

radio button was selected, the following server information displays when the

Radius tab is selected:

6. Select an existing Radius Server and click the

Edit

button to modify its designation as a primary or

secondary Radius Server, IP address, port, NAS ID and shared secret password.

Motorola recommends only modifying an existing Radius Server when its current configuration is longer
viable for providing user authentication. Otherwise, define a new Radius Server.

Type

Displays whether this target server is a primary or secondary Radius Server.

Server IP Address

Displays the IP address of the server acting as the data source for the Radius server.

Port

Displays the TCP/IP port number for the server acting as a data source for the Radius. The
default port is 389.

Shared Secret

Displays a shared secret used for each host or subnet authenticating against the RADIUS
server. The shared secret can be up to 7 characters in length.