Chapter 3 – Software
MultiAccess Communications Server MA30120 User Guide 78
User Authentication > RADIUS Client
Radius Client Settings
When you first enter the Radius Client settings, you first have to identify the line interface and ports
accessible to Radius.
Authentication Type
This option tictates the authorization process performed by the Radius Client. You can choose the
Authentication Type by clicking on the down arrow and choosing from none or radius (the default). None
accepts all request with no security. Radius sends the user crentials to the defined Radius Server for
authorization processing. The other options (tacacs, remote, local and radius/local) listed are not functional
at this time.
Allow Local Logins
The default is No. Setting this to yes allows command shell access to the system with user level access
rights. To achieve this command shell access, the account credentials provided must be that of a local user
and when entered at the time of connecting/authenticating, it must begin with a “!” (exclamation point). For
example, at the Local User’s menu, add the account user name of “troberts” with a password of “58Xz21A”.
Then dial-in, at the login prompt enter “!troberts” as the username and a password of “58Xz21A”. The
Radius Client will strip off the ! and run the credentials against the Local Data base.
Caution:
If you change this to yes and put a”!” before the login name, you could be setting up a potential
security risk. You can use this in an
emergency situation
if your radius server goes down.
RADIUS Server Address 1
The RADIUS Server Address 1 points the client to the primary Radius Server. Enter the IP address of your
primary Radius Server in this window.
Port
The top Port window is the UDP port number that the client communictes with the main Radius Server.
RADIUS Accounting Address 1
Radius Accounting host keeps track of information such as login time, logout time, port number, etc. This is
the IP address of your primary Radius Accounting host
.
Port
The next Port window down is the UDP port number used to communicate with the main Radius
Accounting host.
RADIUS Server Address 2
RADIUS Server Address 2 is used when a back up or secondary Radius Server is used in your network.
Click on the check mark window and enter the IP address of the secondary or back up Radius Server. If a
secondary or back up server is configured, the primary server is tried five times before switching to the
secondary server. They alternate back and forth up to a maximum of 30 times in increments of three
seconds per query.
Port
Enter the port number of the secondary or back up Radius Server in the third Port number window.
RADIUS Accounting Address 2
RADIUS Accounting Address 2 is used when secondary or back up Radius Accounting host is used in your
network. Click on the check mark window and enter the IP address of the secondary or back up Radius
Accounting Server. If a secondary or back up host is configured, the primary host is tried five times before
switching to the secondary host. They alternate back and forth up to a maximum of 30 times in increments
of three seconds per query.
Port
Enter the port number of the secondary or back up Radius Accounting host in the last Port number window.
RADIUS Server Secret
This is the server secret of the Radius Server. MD5 is the standard Radius encryption technique supported
by the MultiAccess. The Radius Server Secret is used for both Address 1 and Address 2. The server secret
is limited to alphanumeric characters (a-z & 0-9) and is case sensitive.
Summary of Contents for MultiAccess MULTIACCESS MA30120
Page 1: ...MA30120 User Guide ...