39 configuring radius authentication, Ethernet – CANOGA PERKINS CanogaOS Configuration Guide User Manual

CanogaOS Configuration Guide

Proprietary & Confidential Canoga Perkins Metro Ethernet Switches

Page 317 of 350

39 Configuring Radius Authentication

39.1.1 Overview
Authentication verifies users before they are allowed access to the network and network services.
System can use AAA authentication methods and Non-AAA authentication methods. Radius
Authentication is one of AAA authentication methods. Radius is a distributed client/server
system that secures networks against unauthorized access. Radius is widely used protocol in
network environments. It is commonly used for embedded network devices such as routers,
modem servers, switches, etc. Radius clients run on supported Canoga routers and switches.
Clients send authentication requests to a central Radius server, which contains all user
authentication and network service access information.

39.1.2 Usage example

Networking Topology

Linux box

(Radius

Server)

Centec

Switch

Interface eth-0-1

IP: 1.1.1.2/24

IP: 1.1.1.1/24

Ethernet

Management IP: 3.3.3.3/24

Figure 1: RADIUS authentication application

Figure 1 is the networking topology for RADIUS authentication functions. We need one Canoga
Switch and one Linux box to construction the testing bed.
Linux box use as RADIUS server, it ip address of the eth0 interface is 1.1.1.1/24.
Canoga Switch has RADIUS authentication function. The ip address of interface eth-0-1 is
1.1.1.2/24. The management ip address of Canoga switch is 3.3.3.3/24.

Configuration Steps

For Linux Box

Step 1: login as root
#