Nortel Networks 5500 series User Manual
Page 183
Configuring authentication
183
Table 34
Configuring authentication methods
/cfg/doamin #/aaa/auth #/radius
followed by:
servers
Accesses the RADIUS servers menu, in
order to manage the external RADIUS servers
configured for the domain (see
RADIUS authentication servers” (page 184)
).
vendorid <vendor ID>
Specifies the vendor-specific attribute used
by the RADIUS server to send group names
to the Nortel SNAS. The default Vendor-Id is
1872 (Alteon).
To use a standard RADIUS attribute rather
than the vendor-specific one, set the vendor ID
to 0 (see also vendor type).
ATTENTION
If
authproto
is
chapv2
, the Vendor-Id
must be set to 311 (Microsoft).
vendortype <vendor
type>
Specifies the Vendor-Type value used in
combination with the Vendor-Id to identify the
groups to which the user belongs. The group
names to which the vendor-specific attribute
points must match names you define on the
NSNAS. The default is 1.
If you set the vendor ID to 0 in order to use a
standard RADIUS attribute (see vendor ID), set
the vendor type to a standard attribute type as
defined in RFC 2865. For example, to use the
standard attribute Class, set the vendor ID to 0
and the vendor type to 25.
domainid <domain ID>
Specifies the vendor-specific attribute used
by the RADIUS server to send domain names
to the NSNAS. The default Vendor-Id is 1872
(Alteon).
ATTENTION
If
authproto
is
chapv2
, consider
setting the Vendor-Id for the domain to 10
(MS-CHAP-Domain).
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100
03.01
Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks
.