Configuring radius authentication – Allied Telesis AT-S100 User Manual
Page 58
Chapter 2: Configuring the AT-S100 Software
58
For more information about the 802.1x commands, see Chapter 6, “802.1x
Access Control Commands” on page 197.
Configuring
RADIUS
Authentication
For those networks managed by just one or two network managers, you
might not need any additional accounts. In the case of larger networks that
are managed by several network managers, you may want to give each
manager his or her own management login account for a switch rather
than have them share an account.
This is where authentication protocols such as RADIUS can be useful.
RADIUS is an acronym for Remote Authentication Dial In User Services.
You can use RADIUS to transfer the task of validating management
access from the switch to an authentication protocol server, enabling you
to create your own manager accounts.
With RADIUS you can create a series of username and password
combinations that define who can manage the switch.
There are three basic functions an authentication protocol provides:
Authentication
Authorization
Accounting
When a network manager logs in to a switch to manage the device, the
switch passes the username and password entered by the manager to the
authentication protocol server. The server checks to see if the username
and password are valid. This is referred to as authentication.
If the combination is valid, the authentication protocol server notifies the
switch and the switch completes the login process, allowing the manager
to manage the switch.
If the username and password are invalid, the authentication protocol
server notifies the switch and the switch cancels the login.
Authorization defines what a manager can do after logging in to a switch.
The final function of an authentication protocol is keeping track of user
activity on network devices, referred to as accounting. The AT-S100
Management Software does not support RADIUS accounting as part of
manager accounts.
Note
This manual does not explain how to configure a RADIUS server.
For instructions, refer to the documentation included with the
RADIUS server software.