Foundry NetIron M2404C and M2404F Metro Access Switches
Configuring Switch Authentication Features (Rev. 03)
Remote Authentication Dial in User Service (RADIUS) © 2008 Foundry Networks, Inc.
Page 25 of 70
RADIUS Default Configuration
Table 6
shows the RADIUS default configuration.
Table 6: RADIUS Default Configuration
Parameter
Default Value
UDP authentication port number
1812
Number of retransmits
3
RADIUS Server timeout
3 seconds
RADIUS Server dead time
3 authentication sessions
IP stack
Chooses the source IP address
Configuring RADIUS
To configure the RADIUS client, proceed as follows:
•
Set the IP address of the RADIUS server (the user may add five RADIUS servers). See
Defining the Remote RADIUS Server
.
•
Set the authentication and encryption key used between the device and the RADIUS daemon
running on the RADIUS server. See
Setting the Authentication and Encryption Key
.
•
If the user is using the local database, add usernames and passwords to the local database.
To configure the RADIUS server, proceed as follows:
In addition to the RADIUS configuration (as described in the FreeRADIUS README file) the
user has to proceed according to the following steps, in order to ensure the correct user privileges.
If the user do not follow these steps, all the users that will be connected to the device will have the
lowest privilege.
1.
Copy an additional “dictionary.foundry” file (containing the information as below) into the
folder in which the rest of the RADIUS configuration files are installed.
# Foundry vendor specific dictionary
# Copyright (C) 2007 Foundry Networks
#
# Foundry Attributes
#
# example freeradius user entry:
#
# test
Auth-Type := Local, User-Password == "test"
#
Reply-Message = "Welcome, %u",
#
Foundry-privilege-group = Network-admins
#
VENDOR Foundry
1991
ATTRIBUTE
Foundry -privilege-group
1
integer Foundry