Radius overview, Radius implementation guidelines – Allied Telesis AT-S81 User Manual
Page 172
Chapter 14: RADIUS Authentication Protocol
172
Section I: Using the Menus Interface
RADIUS Overview
RADIUS (Remote Authentication Dial In User Services) is an
authentication protocol for enhancing the security of your network. The
protocol transfers the task of authenticating network access from a
network device to an authentication protocol server.
The AT-S81 management software comes with RADIUS client software.
You can use the client software together with 802.1x network access
control, described in Chapter 13, “802.1x Network Access Control” on
page 159, to control which end users and end nodes can send packets
through the switch.
RADIUS
Implementation
Guidelines
What do you need to use the RADIUS protocol? Following are the main
points.
You must install RADIUS server software on a network server or
management station. Authentication protocol server software is not
available from Allied Telesyn.
The RADIUS server must be communicating with the switch through a
port that is an untagged member of the Default VLAN.
If the RADIUS server is on a different subnet from switch, be sure to
specify a default gateway in the System IP Configuration Menu, shown
in Figure 5 on page 33, so that the switch and server can communicate
with each other.
You need to configure the RADIUS server software on the
authentication server by specifying the username and password
combinations. The maximum length of a username or password is 12
alphanumeric characters.
Note
This manual does not explain how to configure RADIUS server
software. Refer to the documentation that came with the software for
instructions.
You must activate the RADIUS client software on the switch using the
AT-S81 management software and configure the settings. This is
explained in “Configuring the RADIUS Server” on page 173. By
default, authentication protocol is disabled.
Note
For more information on the RADIUS authentication protocol, refer
to the RFC 2865 standard.