beautypg.com

Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 298

background image

For password1 , password2 , etc., enter up to 29 ASCII characters.

Be sure to Insert a cursor return (cr ) after each user record.

You can enter up to 30 user records per text file.

Importing a text file of user records from a TFTP server

NOTE
Before importing the file, make sure it adheres to the ASCII text format described in the previous
section,

Creating a text file of user records

on page 297.

To import a text file of user records from a TFTP server to the FastIron switch, enter a command such
as the following.

device(config-localuserdb-userdb1)# import-users tftp 192.168.1.1 filename userdb1

Syntax: import-users tftp ip-address filename filename

The ip-address parameter specifies the IPv4 address of the TFTP server on which the desired text file
resides.

The filename parameter specifies the name of the image on the TFTP server.

Using a RADIUS server as the web authentication method

By default, Web Authentication will use a RADIUS server to authenticate hosts’ usernames and
passwords, unless the device is configured to use the local user database (see the previous section).
To configure the FastIron switch to use a RADIUS server, refer to the RADIUS security section. You
must also perform the following steps.

1. Configure the RADIUS server information on the FastIron switch. Enter a command such as the

following.

device(config)#radius-server host 10.1.1.8 auth-port 1812 acct-port 1813 default

key $GSig@U\

NOTE
Web Authentication will use the first reachable RADIUS server listed in the configuration. The use-
radius-server on individual ports is not supported for Web Authentication.

2. Enable the username and password authentication mode.

device(config-vlan-10-webauth)# auth-mode username-password

3. Enable the RADIUS authentication method. Refer to

Setting the local user database authentication

method

on page 298 or

Setting the web authentication failover sequence

on page 299

Setting the local user database authentication method

By default, the FastIron switch uses a RADIUS server to authenticate users in a VLAN. The previous
section describes how to configure a RADIUS server to authenticate users in a VLAN. To configure
the switch to instead use a local user database to authenticate users in a VLAN, enter the following
command.

device(config-vlan-10-webauth)#auth-mode username-password auth-methods local

Syntax: auth-mode username-password auth-methods local

Importing a text file of user records from a TFTP server

298

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03

See also other documents in the category Brocade Computer Accessories: