40 configuring radius authentication, 1 overview, 2 topology – CANOGA PERKINS 9175 Configuration Guide User Manual

CanogaOS Configuration Guide

40-1

40 Configuring Radius Authentication

40.1 Overview

Authentication verifies users before they are allowed access to the network and network
services. System can use AAA authentication methods and Non-AAA authentication
methods. Radius Authentication is one of AAA authentication methods. Radius is a
distributed client/server system that secures networks against unauthorized access.
Radius is widely used protocol in network environments. It is commonly used for
embedded network devices such as routers, modem servers, switches, etc. Radius
clients run on supported Centec routers and switches. Clients send authentication
requests to a central Radius server, which contains all user authentication and network
service access information.

40.2 Topology

Figure 40-1: RADIUS authentication application

Figure 40-1 is the networking topology for RADIUS authentication functions. We need
one Centec Switch and one Linux box to construction the testing bed.
Linux box use as RADIUS server, it ip address of the eth0 interface is 1.1.1.1/24.
Centec Switch has RADIUS authentication function. The ip address of interface eth-0-1
is 1.1.1.2/24. The management ip address of Centec switch is 3.3.3.3/24.

40.3 Configuration Steps

For Linux Box
Step 1: login as root

#

Step 2: configuration ip address of the interface eth0

# ifconfig eth0 1.1.1.1 netmask 255.255.255.0

Step 3: add user “user_test” to RADIUS server database. Username: user_test,
password: admin. RADIUS server database is usually in /etc/raddb/users.

Step 4: run RADIUS server.

#radiusd -x