Chapter 11: RADIUS Authentication Protocol
142 Section I: Using the Menus Interface
RADIUS OverviewRADIUS (Remote Authentication Dial In User Services) is an
authentication protocol for enhancing the security of your network. The
protocol transfers the task of authenticating network access from a
network device to an authentication protocol server.
The AT-S79 management software comes with RADIUS client software.
You can use the client software together with 802.1x port-based network
access control, described in Chapter 10, “802.1x Port-based Network
Access Control” on page 129, to control which end users and end nodes
can send packets through the switch.
RADIUS
Implementation
Guidelines
What do you need to use the RADIUS protocol? Following are the main
points.
You must install RADIUS server software on a network server or
management station. Authentication protocol server software is not
available from Allied Telesyn.
The RADIUS server must be communicating with the switch through a
port that is an untagged member of the Default VLAN.
If the RADIUS server is on a different subnet from switch, be sure to
specify a default gateway in the System IP Configuration Menu, shown
in Figure 5 on page 31, so that the switch and server can communicate
with each other.
You need to configure the RADIUS server software on the
authentication server by specifying the username and password
combinations. The maximum length of a username or password is 12
alphanumeric characters.
Note
This manual does not explain how to configure RADIUS server
software. Refer to the documentation that came with the software for
instructions.
You must activate the RADIUS client software on the switch using the
AT-S79 management software and configure the settings. This is
explained in “Configuring the RADIUS Client” on page 143. By default,
authentication protocol is disabled.
Note
For more information on the RADIUS authentication protocol, refer
to the RFC 2865 standard.