External radius servers, Section 8.2.3, “external radius servers – Amer Networks E5Web GUI User Manual

Web Interface

First, create a new user database:

1.

Go to: System > Device > Local User Databases > Add > LocalUserDatabase

2.

Now enter:

•

Name: lan_users

•

Comments: lan auth group

3.

Click OK

Next, add a user to the newly created database:

1.

Go to: System > Device > Local User Databases

2.

Select lan_users

3.

Select Users then Add > User

4.

Now enter:

•

Name: myusername

•

Password: myuserpassword

•

Confirm Password: myuserpassword

•

Groups: lan_group

5.

Click OK

Repeat the last step to add all the members of the group.

8.2.3. External RADIUS Servers

Reasons for Using External Servers

In a larger network topology with a larger administration workload, it is often preferable to have
a central authentication database on a dedicated server. When there is more than one Clavister
Security Gateway in the network and thousands of users, maintaining separate authentication
databases on each device becomes problematic. Instead, an external authentication server can
validate username/password combinations by responding to requests from cOS Core. To provide
this, cOS Core supports the Remote Authentication Dial-in User Service (RADIUS) protocol.

RADIUS Usage with cOS Core

cOS Core can act as a RADIUS client, sending user credentials and connection parameter
information as a RADIUS message to a designated RADIUS server. The server processes the
requests and sends back a RADIUS message to accept or deny them. One or more external
servers can be defined in cOS Core.

Chapter 8: User Authentication

525