The express xl/xlt as the authenticatee – ADTRAN 1200070L1 User Manual
Page 81
Chapter 3: Terminal Menu Operation and Structure
61200.070L1-1
Express XL/XLT User Manual
65
• When originating an outgoing call:
- Express XL/XLT uses PPP method configured in
Configuration/Security/PPP
.
- Authenticatee’s username is compared to profile used to dial.
• Authenticating with RADIUS:
- When Configuration/Security/Authentication is set to Radius,
authentication is performed by the RADIUS server.
- The Express XL/XLT uses the DEFAULT Connection List profile
for all other parameters not supported by RADIUS attributes.
- RADIUS attributes currently supported are: framed ip, framed net-
mask, framed ipx network, framed routing, framed compression,
and idle timeout.
2.
The Express XL/XLT as the authenticatee:
• When answering an incoming call:
- If the Configuration/Security/Authentication parameter is set
to None, the DEFAULT profile’s Tx Username and Tx Password
are used by
the Express XL/XLT for authenticating itself.
- If the Configuration/Security/Authentication parameter is set
to Connection List or RADIUS, the Express XL/XLT will wait until
the PPP peer is authenticated before authenticating itself (except
when CHAP or EAP is used). If CHAP or EAP is used, the username
transmitted by the PPP peer’s authentication challenge packet is
looked up in the Connection List. If found, the Express XL/XLT
responds with the profile’s Tx Username and Tx Password
parameters. If not found, the DEFAULT profile’s Tx Username
and Tx Password parameters are used.
• When originating an outgoing call:
- The dial-out profile Tx Username and Tx Password are used
regardless of the PPP peer’s username received if CHAP or EAP
is used.
Authentication/Tx Method
Write security: 2; Read security: 3
This parameter specifies how the Express XL/XLT is to be authenticated by
the PPP peer. There are four possible selections. See Security/PPP on page 58
for an explanation of the three PPP standard authentication types.
None
(def) - The connection will not allow the PPP peer to
authenticate it.