34
5. System Configuration
5.2.3.1 RADIUS Settings
To allow authentication and authorization for the KVM over IP Console Station through a RADIUS server, perform the following:
1. Check Enable.
2. Select Preferred or Alternate RADIUS server.
3. Fill in the IP addresses and service port numbers for the Preferred and Alternate RADIUS servers. You can use the IPv4
address, the IPv6 address or the domain name in the IP fields.
4. Select the
Authentication
Type: PAP or CHAP.
5. In the Timeout field, set the time in seconds that the KVM over IP console station waits for a RADIUS server reply before it
times out.
6. In the Retries field, set the number of allowed RADIUS retries.
7. In the Shared Secret field, key in the character string that you want to use for authentication between the KVM over IP
console station and the RADIUS Server. A minimum of 6 characters is required.
8. On the RADIUS server, Users can be authenticated with any of the following methods:
• Set the entry for the user as
su/xxxx
, where
xxxx
represents the Username given to the user when the account was created
on the KVM over IP console station.
• Use the same Username on both the RADIUS server and the KVM over IP Console Station.
• Use the same Username name on both the RADIUS server and the KVM over IP console station.
In each case, the user’s access rights are the ones assigned that were assigned when the User of Group was created on the
KVM over IP console station (see section
4.1.3 Adding a Device
).
5.2.3.2 AD/LDAP Settings
To allow authentication and authorization for the KVM over IP Console Station via AD/LDAP, refer to the information in the
table, below:
Item
Action
Enable
Check the checkbox to enable AD/LDAP authentication and authorization.
Type
Click the drop down menu to select between AD/LDAP.
Server IP
Select Preferred or Alternate LDAP Server and fill in the IP address and port number for the
LDAP or LDAPS server.
• You can use the IPv4 address, the IPv6 address or the domain name in the LDAP Server
field.
• For LDAP, the default port number is 389.
Timeout
Consult the AD/LDAP administrator to ascertain the appropriate entry for this field. For
example, the entry might look like this:
Admin DN
ou=B064-008-01-IPG,dc=Tripp Lite,dc=com
Admin Name
Key in the administrator user name.
Password
Key in the administrator password.
Search DN
Set the distinguished name of the search base. This is the domain name where the search
starts for user names.