Rsa radius server – Dell POWEREDGE M1000E User Manual
Page 160
160
Fabric OS Administrator’s Guide
53-1002745-02
Remote authentication
5
e. After returning to the Internet Authentication Service window, add additional policies for all
Brocade login types for which you want to use the RADIUS server. After this is done, you
can configure the switch.
NOTE
Windows 2008 RADIUS (NPS) support is also available.
RSA RADIUS server
Traditional password-based authentication methods are based on one-factor authentication, where
you confirm your identity using a memorized password. Two-factor authentication increases the
security by using a second factor to corroborate identification. The first factor is either a PIN or
password and the second factor is the RSA SecurID token.
RSA SecurID with an RSA RADIUS server is used for user authentication. The Brocade switch does
not communicate directly with the RSA Authentication Manager, so the RSA RADIUS server is used
in conjunction with the switch to facilitate communication.
To learn more about how RSA SecurID works, visit www.rsa.com for more information.
Setting up the RSA RADIUS server
For more information on how to install and configure the RSA Authentication Manager and the RSA
RADIUS server, refer to your documentation or visit www.rsa.com.
1. Create user records in the RSA Authentication Manager.
2. Configure the RSA Authentication Manager by adding an agent host.
3. Configure the RSA RADIUS server.
Setting up the RSA RADIUS server involves adding RADIUS clients, users, and vendor specific
attributes to the RSA RADIUS server.
a. Add the following data to the vendor.ini file:
vendor-product = Brocade
dictionary = brocade
ignore-ports = no
port-number-usage = per-port-type
help-id = 2000
b. Create a brocade.dct file that needs to be added into the dictiona.dcm file located in the
following path:
C:\Program Files\RSA Security\RSA RADIUS\Service
on page 161 shows what the brocade.dct file should look like and
page 162 shows what needs to be modified in the brocade.dcm file.
NOTE
The dictionary files for RSA RADIUS server must remain in the installation directory. Do not
move the files to other locations on your computer.