
Radius configuration procedure – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual


53-1003249-01

Configuring RADIUS security


You can select only one primary authentication method for each type of access to a device (CLI
through Telnet, CLI Privileged EXEC and CONFIG levels). For example, you can select RADIUS as
the primary authentication method for Telnet CLI access, but you cannot also select TACACS+
authentication as the primary method for the same type of access. However, you can configure
backup authentication methods for each access type.

RADIUS configuration procedure

Use the following procedure to configure a Brocade Virtual ADX for RADIUS.

1. Configure Brocade vendor-specific attributes on the RADIUS server. Refer to “Configuring Brocade-specific attributes on the RADIUS server” on page 89.

2. Identify the RADIUS server to the Brocade Virtual ADX. Refer to “Identifying the RADIUS server to the Brocade Virtual ADX” on page 90.

3. Set RADIUS parameters. Refer to “Setting RADIUS parameters” on page 91.

4. Configure authentication-method lists. Refer to “Configuring authentication-method lists for RADIUS” on page 92.

5. Optionally configure RADIUS authorization. Refer to “Configuring RADIUS authorization” on page 94.

6. Optionally configure RADIUS accounting. Refer to “Configuring RADIUS accounting” on page 96.

Configuring Brocade-specific attributes on the RADIUS server

During the RADIUS authentication process, if a user supplies a valid username and password, the
RADIUS server sends an Access-Accept packet to the Brocade Virtual ADX, authenticating the user.
Within the Access-Accept packet are three Brocade vendor-specific attributes that indicate:

• The privilege level of the user

• A list of commands

• Whether the user is allowed or denied usage of the commands in the list

You must add these three Brocade vendor-specific attributes to your RADIUS server’s configuration,
and configure the attributes in the individual or group profiles of the users that will access the
Brocade Virtual ADX.
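
One way to check a server profile is to decode a captured Access-Accept and confirm that all three vendor-specific attributes are present. The following is an added example, not part of the Brocade guide: it assumes the RFC 2865 layout for Vendor-Specific attributes (type 26), a placeholder Vendor-ID, and sub-attribute numbers 1 to 3 for the three attributes listed above. The helper names and sample packets are constructed for illustration.

```python
import struct

ACCESS_ACCEPT, VENDOR_SPECIFIC = 2, 26  # RFC 2865 packet code and attribute type
VENDOR_ID = 99999  # placeholder: use the Vendor-ID from the vendor's attribute table
# Assumed sub-attribute numbers for the three attributes described above.
EXPECTED = {1: "privilege-level", 2: "command-list", 3: "allow-or-deny-flag"}

def build_vsa(vendor_id, vtype, data):
    sub = bytes([vtype, len(data) + 2]) + data           # vendor-type, vendor-length, data
    value = struct.pack("!I", vendor_id) + sub           # 4-byte Vendor-ID prefix
    return bytes([VENDOR_SPECIFIC, len(value) + 2]) + value

def build_accept(attrs, ident=1):
    body = b"".join(attrs)
    return struct.pack("!BBH16s", ACCESS_ACCEPT, ident, 20 + len(body), bytes(16)) + body

def parse_vsas(packet):
    """Return {(vendor_id, vendor_type): data} for every VSA in an Access-Accept."""
    if len(packet) < 20:
        raise ValueError("short packet")
    code, _ident, length, _auth = struct.unpack("!BBH16s", packet[:20])
    if code != ACCESS_ACCEPT or not 20 <= length <= len(packet):
        raise ValueError("not a well-formed Access-Accept")
    found, pos = {}, 20
    while pos < length:
        atype = packet[pos]
        alen = packet[pos + 1] if pos + 1 < length else 0
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        value = packet[pos + 2:pos + alen]
        pos += alen
        if atype != VENDOR_SPECIFIC or len(value) < 6:
            continue                                     # not a usable VSA, skip it
        vendor_id = struct.unpack("!I", value[:4])[0]
        sub = value[4:]
        while len(sub) >= 2 and 2 <= sub[1] <= len(sub):
            found[(vendor_id, sub[0])] = sub[2:sub[1]]
            sub = sub[sub[1]:]
    return found

def missing_attributes(packet):
    """Names of the expected vendor attributes that the reply does not carry."""
    found = parse_vsas(packet)
    return [name for vtype, name in EXPECTED.items() if (VENDOR_ID, vtype) not in found]

# Constructed sample replies: one complete profile, one with only the first attribute.
_VALUES = {1: bytes(4), 2: b"show version", 3: bytes(4)}
SAMPLE_FULL = build_accept([build_vsa(VENDOR_ID, t, v) for t, v in _VALUES.items()])
SAMPLE_PARTIAL = build_accept([build_vsa(VENDOR_ID, 1, _VALUES[1])])
```

The sketch does not verify the Response Authenticator, so run it only on captures taken from a trusted test setup.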

Brocade’s Vendor-ID is Vendor-Type 1. The following table describes the Brocade vendor-specific
attributes.