beautypg.com

Motorola Series Switch WS5100 User Manual

Page 333

background image

Switch Management

7-25

7. Select a Radius server from the table and click the

Edit

button to modify how the authentication method

is used. For more information, see

Modifying the Properties of an Existing Radius Server on page 7-25

.

8. Highlight a Radius Server from those listed and click the

Delete

button to remove the server from the list

of available servers.

9. Click the

Add

button at the bottom of the screen to display a sub-screen used to add a Radius Server to

the list of servers available to the switch. For more information, see

Adding a New Radius Server on page 7-26

.

7.6.2.1 Modifying the Properties of an Existing Radius Server

Some of the attributes of an existing Radius Server can be modified by the WS5100 to better reflect the
Radius Server’s existing connection with the switch.

To modify the attributes of an existing Radius Server:

1. Select

Management Access

>

Users

from the main menu tree.

The Users screen displays.

2. Click on the

Authentication

tab.

3. Select an existing Radius Server from those listed and click the

Edit

button at the bottom of the screen.

4. Modify the following Radius Server attributes as necessary:

Shared Secret

Displays the shared secret used to verify Radius messages (with the exception of the Access-
Request message) are sent by a Radius-enabled device configured with the same shared
secret. The shared secret is a case-sensitive string that can include letters, numbers, or
symbols. Ensure the shared secret is at least 22 characters long to protect the Radius server
from brute-force attacks.

Retries

Displays the maximum number of times for the switch to retransmit a Radius Server frame
before it times out the authentication session.

Timeout

Displays the maximum time (in seconds) the switch waits for the Radius Server’s
acknowledgment of authentication request packets before the switch times out of the
session.

Radius Server Index

Revise the numerical

Index

value for the Radius Server to help distinguish this Radius Server

from other servers with a similar configuration (if necessary). The maximum number that can
be assigned is 32.

Radius Server IP
Address

Modify the IP address of the external Radius server (if necessary). Ensure this address is a
valid IP address and not a DNS name.

Radius Server Port

Change the TCP/IP port number for the Radius Server (if necessary). The port range available
for assignment is from 1 - 65535.

Number of retries to
communicate with
Radius Server

Revise (if necessary) the maximum number of times for the switch to retransmit a Radius
Server frame before it times out the authentication session. The available range is between
0 - 100.

Time to wait for
Radius Server to reply

Revise (if necessary) the maximum time (in seconds) the switch waits for the Radius Server’s
acknowledgment of authentication request packets before the switch times out of the
session. The configurable range is between 1 - 1000 seconds.

Encryption key shared
with Radius Server

Enter the encryption key the switch and Radius Server share and must validate before the user
based authentication provided by the Radius Server can be initiated.