Bay Networks Radius Manual de usuario descargar pdf (Pagina 9)

Nortel Switch User Authentication

Technical Configuration Guide v1.0 NN48500-589

___________________________________________________________________________________________________________________________

External Distribution

2.1 Part 1: Basic AAA Configuation

2.1.1 ERS8600 Configuration

Assuming we are using the out-of-band management port.

2.1.1.1 Add out-of-band IP address

ERS8600-1 Step 1 – Add out-of-band IP address and route

ERS-8606:5# config bootconfig net mgmt ip 47.133.60.25/24

ERS-8606:5# config bootconfig net mgmt route add 47.0.0.0/8 47.133.60.1

2.1.1.2 Enable RADIUS

ERS8600-1 Step 1 – Add RADIUS server, enable RADIUS, and enable RADIUS accounting

ERS-8606:5# config radius server create 47.133.56.101 secret nortel priority 1

ERS-8606:5# config radius enable true

ERS-8606:5# config radius acct-enable true

ERS-8606:5# config radius acct-include-cli-commands true

When configuring the RADIUS server on the ERS8600, you can configure the switch

with a RADIUS source-IP address which in turn will be the IP address used for RADIUS

requests. The RADIUS source-IP address must be a circuit-less IP address (CLIP) or

otherwise known as a loopback address. If you do not enable a RADIUS source-IP

address, by default, the ERS8600 uses the IP address of the outgoing interface as the

source IP address for RADIUS. Unfortunately, although you can create and enable a

RADIUS source-IP when using the out-of-band management port, this feature is not

supported on the out-of-band management port. Hence, if you have two CP cards, you

will have to configure two RADIUS Authenticators on the RADIUS server.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 ... 95 96

Sin comentarios

Bay Networks Radius Manual de usuario Pagina 9