beautypg.com

Radius security, Setting radius server parameters – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual

Page 49

background image

Brocade Virtual ADX Administration Guide

37

53-1003249-01

Configuring access control

1

NOTE

If you have previously configured the device to perform command authorization using a RADIUS
server, entering enable aaa console may prevent the execution of any subsequent commands
entered on the console.

This happens because RADIUS command authorization requires a list of allowable commands from
the RADIUS server. This list is obtained during RADIUS authentication. For console sessions,
RADIUS authentication is performed only if you have configured Enable authentication and
specified RADIUS as the authentication method (for example, with aaa authentication enable
default radius). If RADIUS authentication is never performed, the list of allowable commands is
never obtained from the RADIUS server. Consequently, there would be no allowable commands on
the console.

Displaying information about TACACS+ and RADIUS servers

To display information about all TACACS+ and RADIUS servers identified on the device, enter the
following command.

Syntax: show aaa

RADIUS security

You can further secure CLI access to the device by configuring it to consult a RADIUS server to
authenticate user names and passwords. You can configure the device to authenticate Telnet
logins and Enable access on a separate basis.

NOTE

RADIUS authentication is not supported for Web management or IronView access.

Setting RADIUS server parameters

You can identify a RADIUS server and sets other RADIUS parameters, by entering a command such
as the following.

Virtual ADX(config)#radius-server host 10.157.22.99

Virtual ADX#show aaa

Tacacs default key: ...

Tacacs retries: 1

Tacacs timeout: 15 seconds

Tacacs dead-time: 3 minutes

Tacacs Server: IP=10.95.6.90 Port:49 Usage=any

opens=6 closes=3 timeouts=3 errors=0

packets in=4 packets out=4

no connection

Radius default key: ...

Radius retries: 3

Radius timeout: 3 seconds

Radius dead-time: 3 minutes

Radius Server: IP=10.95.6.90 Auth Port=1645 Acct Port=1646 Usage=any

opens=2 closes=1 timeouts=1 errors=0

packets in=1 packets out=4

no connection

See also other documents in the category Brocade Computer Accessories: