-48 VDC Remote Power Manager
Advanced Operations
139
Installation and Operations Manual
RADIUS
The -48 VDC products support the Remote Authentication Dial-in User Service (RADIUS) protocol. RADIUS
provides a centralized network protocol to enable remote authentication and authorization, such as user names and
passwords. With a central RADIUS server, user accounts do not need to be individually created locally on each CDU.
This allows administrators to pre-define and configure (in each product and in the RADIUS server), a set of necessary
RADIUS privilege levels and user access rights for each level.
RADIUS is also used in enterprise-wide networks because it provides the administrator with high performance, less
memory usage, less CPU cycles on routers and switches, and an open standard that is easily interoperable within the
network.
In addition to the protocol-required attributes, the RADIUS authentication process can be extended by using private
vendor-specific attributes (VSA). This extension allows Server Technology to create its own proprietary attributes to
support features and services using the CDU in the RADIUS authentication process.
RADIUS Command Summary
Command
Description
Set Authorder
Specifies the authentication order for each new session attempt
Set RADIUS
Enables or disables RADIUS support
Set RADIUS…Server
Configures the address of the RADIUS server
Set RADIUS…Secret
Sets the shared secret for the RADIUS server
Set RADIU
S…Port
Sets the port number of the RADIUS server
Set RADIUS…Timeout
Configures the timeout interval for the RADIUS server
Set RADIUS…Retries
Sets the number of retries for the RADIUS server
Show RADIUS
Displays RADIUS configuration settings
Enabling and Setting Up RADIUS Support
The following configuration tasks are required to properly enable and set up RADIUS support on the primary and
secondary RADIUS servers.
Enabling and disabling RADIUS support:
The Set RADIUS command enables or disables RADIUS support.
To enable or disable RADIUS support:
At the Switched -48 VDC: prompt, type
set radius
, followed by
enabled
or
disabled
, and press
Enter
.
Setting the authentication order:
The Set Authorder command sets the authentication order for remote authentication sessions. The CDU supports two
methods for authentication order: Remote > Local and Remote Only.
The Remote > Local method first attempts authentication with the RADIUS server, and, if unsuccessful, then attempts
authentication with the local user database on the CDU.
The Remote Only method attempts authentication only with the RADIUS server, and, if unsuccessful, access is denied.
NOTE:
With the Remote Only method, if authentication fails due to a communication failure with the RADIUS server, automatic
authentication fallback will occur to authenticate with the local user data base on the CDU.
To set the authentication order:
At the Switched -48 VDC: prompt, type
set authorder
, followed by
remotelocal
or
remoteonly
and press
Enter
.
NOTE:
It is recommended
not
to set the authentication order to Remote Only until the RADIUS has been fully configured and tested.