Avaya P332G-ML User Manual

Chapter 8

User Authentication

40

Avaya P332G-ML User’s Guide

All transactions between the RADIUS client and server are authenticated through
the use of a “shared secret” which is not sent over the network. The shared secret is
an authentication password configured on both the RADIUS client and its RADIUS
servers. The shared secret is stored as clear text in the client’s file on the RADIUS
server, and in the non-volatile memory of the P330. In addition, user passwords are
sent between the client and server are encrypted for increased security.
Figure 8.1 illustrates the RADIUS authentication procedure:

Figure 8.1

RADIUS Authentication Procedure

User attempts login

Local User

account

authenticated in

switch?

Perform log-in according

to user's priviliege level

to switch

Yes

Authentication

request sent to

RADIUS Server

No

User name and

password

authenticated?

Yes

Authentication Reject

sent to switch

User cannot access switch

embedded managegment

No