Radius overview, Radius implementation guidelines – Allied Telesis AT 8000/8POE User Manual

Chapter 14: RADIUS Authentication Protocol

190

Section I: Using the Menus Interface

RADIUS Overview

RADIUS (Remote Authentication Dial In User Services) is an
authentication protocol for enhancing the security of your network. The
protocol transfers the task of authenticating network access from a
network device to an authentication protocol server.

The AT-S81 management software comes with RADIUS client software.
You can use the client software together with 802.1x network access
control, described in Chapter 13, “802.1x Network Access Control” on
page 175, to control which end users and end nodes can send packets
through the switch.

RADIUS

Implementation

Guidelines

What do you need to use the RADIUS protocol? Following are the main
points.



You must install RADIUS server software on a network
server or management station. Authentication protocol
server software is not available from Allied Telesis.



The RADIUS server must be communicating with the
switch through a port that is an untagged member of
the Default VLAN.



If the RADIUS server is on a different subnet from
switch, be sure to specify a default gateway in the
System IP Configuration Menu, shown in Figure 5 on
page 33, so that the switch and server can
communicate with each other.



You need to configure the RADIUS server software on
the authentication server by specifying the username
and password combinations. The maximum length of a
username or password is 12 alphanumeric characters.

Note

This manual does not explain how to configure RADIUS server
software. Refer to the documentation that came with the software for
instructions.



You must activate the RADIUS client software on the
switch using the AT-S81 management software and
configure the settings. This is explained in “Configuring
the RADIUS Server” on page 192. By default,
authentication protocol is disabled.