6 radius client configuration, Radius client configuration – CANOGA PERKINS 9145E Standard NID Software Version 1.0 User Manual

9145E NID Software User’s Manual

System Configuration

RADIUS Client Configuration

28

1.

System Name - The system name can be up to 25 characters long. It is displayed in the header
under Ethernet Network Interface Device. If you are running multiple telnet sessions, you will be
able to identify the NID you are viewing.

2.

Contact - up to 25 characters

3.

Location - up to 25 characters

4.

Customer - up to 25 characters

5.

Information - two lines, up to 40 characters each

6.

Circuits - two lines, up to 25 characters each

7.

Service Code - up to 10 characters

8.

Date-in-Service - [mm/dd/yyyy] - displays when the 9145E was placed into service

9.

Date-Out-of-Service - [mm/dd/yyyy] - displays when the 9145E was last taken out of service

10. Equipment Type - up to 10 characters

11. Equipment Code - up to 10 characters

12. Vendor - up to 25 characters

13. CLEI - Common Language Equipment Identification (CLEI) up to 10 characters

14. Mfg Date - [mm/dd/yyyy] - an editable date field

3.6 RADIUS Client Configuration

RADIUS (Remote Authentication Dial-In User Service) software support is provided for User
Authentication.

RADIUS provides the ability to have user interface accounts to be maintained and authenticated by a
RADIUS server. The RADIUS server also maintains user account information:

AccessFrom - Where the account can be used.

AccessLevel - The security access level for the user.

Description - The account description.

LogoutUser - Whether or not the user can be forcefully logged out.

When a user enters a username and password and RADIUS has been configured, the username and
password is sent to the RADIUS server and is validated there. If valid, then the RADIUS server sends an
accept message along with the above account information and the 9145E RADIUS client allows the user in
with this configuration.

The RADIUS server may send a reject message in which case the user is not logged in. The RADIUS
server may also send a challenge message if it has been configured to do so in which case the user is
prompted for additional authentication information at which time the RADIUS server will then send an
accept or reject message.

This is the RADIUS client configuration:

Up to two RADIUS servers can be configured. The RADIUS server that is consulted is determined by the
server priority. The server with the lowest priority number is consulted first. If it does not respond, then the
other RADIUS server is consulted (if configured). If both servers are configured with the same priority then
a round-robin access is used; first one RADIUS server will be consulted and the next request will be sent to
the other RADIUS server first. The server priorities are relative. That is, you could configure one server
with priority 10 and the other with 20. The values of the numbers do not matter, just the relative values of
the numbers (in this case 10 being less than 20). This is done to allow you to easily change the server
priorities without having to edit both entries. If you had configured the servers with 10 and 20, you could
make the server with 20 have higher priority simply by changing its priority to 5; no need to change the one
with 10.