Raritan Computer MCIP18 User Manual


Chapter 4: Remote Management and Operation

RADIUS protocol itself is well specified and tested. Currently, Raritan does not support
challenge/response. An Access Challenge response is seen and evaluated as an Access Reject.

To access a remote device using the RADIUS protocol you must first log on, then specify your
username and password. The RADIUS server reads your input data (Authentication) and the
MCIP looks for your profile (Authorization). The profile defines (or limits) your actions. If the
server finds no profile matching your username and password, your access via RADIUS is
refused. In terms of the remote activity mechanism, login via RADIUS works similarly to the
Remote Console. If there is no activity for half an hour, your connection to the MCIP will be
interrupted and closed.

Type either the IP address or the hostname of the RADIUS server to connect to in the Server
field. If you use a name, you must configure a DNS server in the network settings.

Type a text string that serves as a password between the RADIUS client and RADIUS server in
the Shared Secret field. In this case the MCIP serves as a RADIUS client. A shared secret is
used to verify that RADIUS messages are sent by a RADIUS-enabled device that is configured
with the same shared secret and to verify message integrity. The shared secret can be up to 128
characters in length and can contain any standard alphanumeric and special characters,
including upper- and lowercase letters and symbols.

Note: Shared Secrets serve as the values for RADIUS server and MCIP to communicate with
each other during authentication.
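
How a RADIUS client uses the shared secret to check that a reply is authentic and unmodified, and how an Access-Challenge ends up treated as a reject, as described above. This is an added example, not code from the manual or from Raritan firmware; it uses the standard RFC 2865 Response Authenticator calculation, and the secret, Request Authenticator and packets are constructed sample values.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 2, 3, 11

# Constructed sample values, for illustration only.
SECRET = b"constructed-shared-secret"
REQUEST_AUTH = bytes(range(16))          # a real client uses 16 random bytes
REPLY_MESSAGE = bytes([18, 4]) + b"ok"   # attribute type 18, length 4, value "ok"

def response_authenticator(code, ident, attrs, request_auth, secret):
    """RFC 2865: MD5(Code | ID | Length | RequestAuth | Attributes | Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def build_response(code, ident, attrs, request_auth, secret):
    """Server side: assemble a reply packet (used here to build sample input)."""
    auth = response_authenticator(code, ident, attrs, request_auth, secret)
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + auth + attrs

def evaluate_response(packet, ident, request_auth, secret):
    """Client side: return True only for an authentic Access-Accept."""
    if len(packet) < 20:
        return False
    code, rid, length = struct.unpack("!BBH", packet[:4])
    if rid != ident or length < 20 or length > len(packet):
        return False
    packet = packet[:length]             # octets beyond Length are padding
    expected = response_authenticator(code, rid, packet[20:], request_auth, secret)
    if not hmac.compare_digest(expected, packet[4:20]):
        return False                     # different shared secret or altered packet
    # Access-Challenge (11) is evaluated like Access-Reject (3): no access.
    return code == ACCESS_ACCEPT

def flip_code(packet, new_code):
    """Simulate modification in transit: change the Code byte only."""
    return bytes([new_code]) + packet[1:]

if __name__ == "__main__":
    accept = build_response(ACCESS_ACCEPT, 7, REPLY_MESSAGE, REQUEST_AUTH, SECRET)
    reject = build_response(ACCESS_REJECT, 7, b"", REQUEST_AUTH, SECRET)
    challenge = build_response(ACCESS_CHALLENGE, 7, b"", REQUEST_AUTH, SECRET)
    print("accept, same secret:   ", evaluate_response(accept, 7, REQUEST_AUTH, SECRET))
    print("accept, other secret:  ", evaluate_response(accept, 7, REQUEST_AUTH, b"other"))
    print("reject flipped to 2:   ", evaluate_response(flip_code(reject, 2), 7, REQUEST_AUTH, SECRET))
    print("authentic challenge:   ", evaluate_response(challenge, 7, REQUEST_AUTH, SECRET))
```
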

Type the port on which the RADIUS server listens for authentication requests in the
Authentication Port field (default: 1812).

Type the port on which the RADIUS server listens for accounting requests in the Accounting
Port field (default: 1813).

Type the request time-to-live (in seconds) in the Timeout field (default: 1). Time-to-live is the
length of time allowed for the request to complete. If the request is not completed
within this interval, it is cancelled.

Type the number of retries if a request cannot be completed in the Retries field (default: 3).

Note: Username and password information on the LDAP/RADIUS server MUST also be created on
the MCIP unit for authentication to proceed.