
Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual


53-1003098-01


Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade Mobility RFS7000

Service Platforms — Brocade Mobility RFS9510

Syntax:

local realm

Parameters

local realm

Example

rfs7000-37FABE(config-radius-server-policy-test)#local realm realm1
rfs7000-37FABE(config-radius-server-policy-test)#show context
radius-server-policy test
 authentication eap-auth-type tls
 crl-check
 local realm realm1
 ldap-server primary host 172.16.10.19 port 162 login "motorolasol" bind-dn "bind-dn1" base-dn "base-dn1" passwd 0 motorolasol@123 passwd-attr moto123 group-attr group1 group-filter "groupfilter1" group-membership groupmembership1 net-timeout 2
 ldap-server dead-period 100
rfs7000-37FABE(config-radius-server-policy-test)#

Related Commands:

nas

radius-server-policy

Configures the key sent to a RADIUS client

A RADIUS client is a mechanism to communicate with a central server to authenticate users and authorize access to the controller, service platform or Access Point managed network.

The client and server share a secret (a password). That shared secret, followed by the request authenticator, is put through an MD5 hash algorithm to create a 16-octet value, which is XORed with the password entered by the user. If the user password is longer than 16 octets, additional MD5 calculations are performed, using the previous ciphertext instead of the request authenticator. The server receives a RADIUS access request packet and verifies that it possesses a shared secret for the client. If the server does not possess a shared secret for the client, the request is dropped. If the client receives a verified access accept packet, the username and password are considered correct, and the user is authenticated. If the client receives a verified access reject message, the username and password are considered incorrect, and the user is not authenticated.

Supported in the following platforms:

realm: Configures a local RADIUS realm
– Sets a local RADIUS realm name (a string not exceeding 50 characters)

no: Removes the RADIUS local realm