Black Box LWN600CM-1 Podręcznik Użytkownika Pobierz pdf (Strona 112)

724-746-5500 | blackbox.com

Page 112

724-746-5500 | blackbox.com

Chapter 9: Common Configuration Examples

Object Name: AuthServer-10.1.1.10

Enter the following, and then click Apply to add the IP address to the address configuration:

IP Entry: 10.1.1.10

Type: Global

Setting the type as "Global" means that SmartPath EMS VMA applies the IP entry to all SmartPath APs that include

the IP address/host name object in their configuration.

Description: RADIUS auth server at 10.1.1.10

Click “Save” to save the address configuration and return to the AAA Client Settings page.

IP Address/Domain Name: AuthServer-10.1.1.10 (This is the address that you just created.)

Server Type: Authentication

You can define the service that the RADIUS server provides: authentication, accounting, or both (auth/acct). In this example,

the server only authenticates users, so there is no need to enable accounting. When RADIUS accounting is enabled, the

RADIUS authenticators report the status and cumulative length of RADIUS supplicant sessions to the RADIUS authentication

server. Accounting is often used to track client activity so that users can be accurately charged for network use. It is also

sometimes used to gather statistics about general network usage.

SharedSecret:t6bEdmNfot3vW9vVr6oAz48CNCsDtInd

ConfirmSecret:t6bEdmNfot3vW9vVr6oAz48CNCsDtInd

The shared secret that you enter here must exactly match that on the RADIUS authentication server. Because the

authentication server and authenticators use it to verify each other’s identities when establishing a RADIUS session, it is

important that the shared secret be fairly strong. Therefore, you use the longest string possible—32 alphanumeric

characters—randomly arranged. To see the text strings that you enter, clear the Obscure Password checkbox.

Server Role: Primary

To provide server redundancy, you can configure up to four RADIUS servers, designating one as the primary server and the

others as backup servers. The RADIUS authenticators only send RADIUS authentication requests to the backup servers when

the primary server becomes unreachable. Because only one RADIUS server is configured in this example, it must be designated

as the primary.

To add the RADIUS authentication server to the AAA client settings configuration, click Apply.

In the Advanced Settings section, you can change the RADIUS authentication port number, enable RADIUS accounting, and

change the RADIUS accounting port number. For this example, keep their default values.

Authentication Port: 1812

UDP port 1812 is the default port number on which RADIUS servers listen for authentication requests. In this example,

the RADIUS server is using the default port number. If your RADIUS server listens on a different port, make sure that you

enter that port number here.

Accounting Port: 1813

UDP port 1813 is the default port number on which RADIUS accounting servers listen for accounting reports. In this

example, accounting is not enabled, so this setting is irrelevant.

You can expand the Optional Settings section at the bottom of the page to modify additional settings pertaining to RADIUS;

however, the default settings work well for this example and do not need to be changed.

Retry Interval: 600 seconds (the default setting)

1 2 ... 107 108 109 110 111 112 113 114 115 116 117 ... 191 192

Brak uwag

Black Box LWN600CM-1 Podręcznik Użytkownika Strona 112