ADTRAN 600R manual Radius Server, Ppp

Page 35

Total Access 600R User Interface Guide (UIG)

Radius Server

The parameters for the RADIUS server are configured in this menu. The RADIUS server can be used for authenticating a PPP peer (if defined under SECURITY/AUTHENTICATION) and for Telnet server ses- sions.

PRIMARY SERVER

SECONDARY SERVER

UDP PORT

SECRET

RETRY COUNT (1-10)

This is the IP address of the first RADIUS server that the Total Access 600R should attempt to communicate with when authenticating a PPP peer. Default is 0.0.0.0.

This is the IP address of the back-up RADIUS server that the 600R should attempt to communicate with when the primary server does not respond. Default is 0.0.0.0.

This is the UDP port that the 600R should use when communicating with the RADIUS server. The default is 1645, which is the commonly used port.

The RADIUS server and 600R share this text string. It is used by the RADIUS sever to authenticate the 600R, the RADIUS client. The factory default is not to use a secret.

This is the number of times the 600R should send a request packet to the RADIUS server without a response before giving up. If the number of attempts to communicate with the primary server is equal to the retry count, the secondary server (if defined) is tried. If the secondary server does not respond within the retry count, the PPP peer (or Telnet session) is not authenticated and is dropped. The default is 5.

PPP

The PPP peer can be authenticated using three standard methods: PAP (Password Authentication Proto- col), CHAP (Challenge Handshake Protocol) and EAP (Extensible Authentication Protocol). The strength of the authentication is determined in the order EAP, CHAP, followed by PAP, where EAP is the strongest and PAP is the weakest. PAP is a clear-text protocol, which means it is sent over the PPP link in a readable format. Care must be taken not to allow highly sensitive passwords to become com- promised using this method. CHAP and EAP use a one-way hashing algorithm which makes it virtually impossible to determine the password. EAP has other capabilities which allow more flexibility than CHAP. The following selections are possible:

PAP, CHAP, OR EAP

CHAP OR EAP (DEF)

EAP

The 600R will ask for EAP during the first PPP LCP negotiation and allow the PPP peer to negotiate down to CHAP or PAP.

The 600R will ask for EAP during the first PPP LCP negotiation and allow the PPP peer to negotiate down to CHAP but not PAP.

The 600R will only allow EAP to be negotiated. If the PPP peer is not capable of doing EAP, then the connection will not succeed.

64200600L1#T-31A

© 2002, ADTRAN, Inc.

Page 35

Page 34 Page 36
Image 35
Page 34 Page 36
Contents Total Access 600R To the Holder of the Manual TrademarksSafety Instructions REN/SOC FIC Usoc Federal Communications Commission FCC Statement Total Access 600R User Interface Guide UIG Affidavit Requirements for Connection to Digital Services Total Access 600R User Interface Guide UIG Total Access 600R User Interface Guide UIG Limited Product Warranty Warranty and Customer ServicePre-Sales Inquiries and Applications Support Customer Service, Product Support Information, and TrainingRepair and Return Training Installation and Maintenance SupportPost-Sale Support Table of Contents Total Access 600R User Interface GuideFigures Extended Help Navigation Help Tool Tip System Time Terminal Menu WindowMenu Path Left Pane StatusWindow Panes Right Window Pane Notation Navigating using the Keyboard KeysWindow Pane Navigation Moving through the Menus Configuration Keystrokes Security Level Description Password Security LevelSelecting the Appropriate Menu Security LevelsSystem Infosystem Contact System InfoSystem Infosystem Name System Infosystem LocationSystem Infofirmware Revision System Infobootcode RevisionSystem Infopart Number System Infoserial NumberSystem Configtelnet Access System ConfigSystem Configoperating Mode System CONFIGT1 Timing ModeSystem Configtelnet User Listlevel System Configtelnet User Listauthen MethodSystem Configtelnet User Listpassword System Configtelnet User Listidle Time MinsSystem Configsnmp Menutrapsmanager IP System Configsnmp Menu System Configsnmp MenuaccessSystem Configsnmp Menucommunitiesprivilege System Configsnmp Menucommunitiesmanager IPSystem Configsnmp Menufdlaccept ALL Snmp System Configsnmp Menufdlfar END IP AddressSystem Configsnmp Menufdlip Netmask System Configsnmp Menufdllearn AddressSystem Configmaint Port Menustop Bits System Configmaint Port Menubaud RateSystem Configmaint Port Menudata Bits System Configmaint Port MenuparitySystem Confignetwork Timestatus System Confignetwork Timeadjust for Daylight SavingSystem Confignetwork Timehost Address System Confignetwork TimerefreshSystem Utilityupgrade Firmwarestart Transfer System Utilityupgrade Firmwaretftp Server AddressSystem Utilityupgrade Firmwaretftp Server Filename System Utilityupgrade Firmwaretransfer StatusSystem Utilityconfig Transfercurrent Transfer Status System Utilityconfig Transfertransfer TypeSystem Utilityconfig Transfertftp Server IP Address System Utilityconfig Transfertftp Server FilenameSystem Utilitypingsource Address System Utilityterminal ModeSystem Utilityping System UTILITYPINGSTART/STOP System Utilitypinghost AddressRouter Menus Routerconfig RouterconfigglobalDhcp Server RouterconfigglobalipMode Static RoutesUDP Relay RouterconfigglobalbridgeRouterconfigglobalsecurity AuthenticationPPP Radius ServerFilter Defines Hexadecimal format Default isIP address compared to the source address dotted decimal RIP RouterconfigethernetRouterconfigethernetprimary IP Proxy ARP Routerconfigethernetsecondary IPSRouterconfigethernetmac Address RouterconfigwanRouterconfigwanppp Profile ROUTERCONFIGWANL2 ProtocolNAT Total Access 600R User Interface Guide UIG SPECIFIED. Default is PPP peer’s IP address or network can be set here, if known Bridge Fined in the F Ilters /I N E Xceptions list FiltersPolling Frequency Routerconfigwanframe RelayMaintenance Protocol Dlci Mapping 0.0 TCP or UDP Choices are ANY Port and SPECIFIED. Default is ANY Port Bridge Map Filter Routerstatus Maintenance DlciBecn Timeout msec Port RouterstatussessionRouterstatussessionppp Session Routerstatussessionframe RelayRouterstatusarp Cachemac Address PVC’sRouterstatusarp Cache Routerstatusarp Cacheip AddressRouterstatusbridge Tableport Routerstatusarp CachetimeRouterstatusbridge Table Routerstatusbridge Tablemac AddressRouterstatuswan Stats Routerstatusip RoutesflagsRouterstatusip Routeshops Routerstatusip RoutesttlRouterlogs Routerstatusip StatsRouterlogsppp LOG Routerlogssyslog HostModulesmodulesmenu Modules Menus ModulesmodulesModulesmodulesslt ModulesmodulestypeModulesmodulesmenuequalization ModulesmodulesalarmModulesmodulesmenuformat Modulesmodulesmenuline CodeModulesmodulestesttest Status ModulesmodulestestModulesmodulestestloc LB Modulesmodulestestrem LBMODULESDS0 Maps ModulesmodulesstatuslcvModulesmodulesstatusslp ModulesmodulesstatusuasMODULESDS0 Mapsmap 2PORT MODULESDS0 Mapsmap 2SLOTDS0 Mapping Instructions Step Action DS0 MappingStep Action Setting up Routing OptionsGlobal IP Setup Global IP Setup InstructionsEthernet IP Setup Ethernet IP Setup Instructions Step Action WAN IP Setup PPP IP Setup Instructions WAN IP SetupWAN IP Setup Frame Relay IP Setup Instructions WAN IP Setup IP Routing with NAT Step Action Total Access 600R User Interface Guide UIGWAN Bridging PPP Bridge Setup Instructions Step Action Setting up Bridging OptionsWAN Bridging Frame Relay Bridge Setup Map DLCIs Step Action WAN Bridging PPP Bridge Setup InstructionsTotal Access 600R User Interface Guide UIG

600R specifications

The ADTRAN 600R is a sophisticated router designed to meet the demands of modern telecommunications and networking environments. This device is specifically engineered to support high-speed connectivity and efficient data transmission, making it a preferred choice for service providers and enterprises alike. It integrates advanced features and technologies that enhance performance, scalability, and flexibility.

One of the standout features of the ADTRAN 600R is its robust support for various WAN technologies. It offers versatile connectivity options, including Ethernet, T1, and DS3 interfaces, allowing seamless integration with existing network infrastructures. This adaptability is crucial for organizations looking to upgrade their systems without undergoing a complete overhaul.

In terms of performance, the ADTRAN 600R is equipped with a powerful processor, enabling it to handle high traffic loads efficiently. With support for multiple Gigabit Ethernet and a high-capacity backplane, the router ensures minimal latency and maximizes throughput, making it ideal for bandwidth-intensive applications such as video conferencing, cloud services, and real-time data processing.

The ADTRAN 600R also prioritizes security and reliability. It incorporates advanced security features such as built-in firewalls and virtual private network (VPN) capabilities. These features provide strong protection against cyber threats while facilitating secure remote access for users. The router's high availability and redundancy options, including load balancing and failover capabilities, ensure continuous operation even in the event of hardware failure.

Management and configuration of the ADTRAN 600R are simplified with a user-friendly interface and support for SNMP and CLI management. This ease of use allows network administrators to monitor performance, troubleshoot issues, and implement changes swiftly, enhancing overall network efficiency. Additionally, the router supports Quality of Service (QoS) protocols, ensuring that critical applications receive the appropriate bandwidth and priority.

In conclusion, the ADTRAN 600R is a feature-rich router that combines cutting-edge technology, high performance, and comprehensive security features. Its flexibility in supporting various WAN technologies and management tools makes it an excellent choice for businesses seeking to enhance their networking capabilities. With its ability to deliver reliable and efficient connectivity, the ADTRAN 600R stands out as a strategic asset for any organization aiming to thrive in a data-driven world.
Top Page Image Contents