Allied Telesis AT-S79 manual Radius Overview

RADIUS

Implementation

Guidelines

RADIUS (Remote Authentication Dial In User Services) is an authentication protocol for enhancing the security of your network. The protocol transfers the task of authenticating network access from a network device to an authentication protocol server.

The AT-S79 management software comes with RADIUS client software. You can use the client software together with 802.1x port-based network access control, described in Chapter 10, “802.1x Port-based Network Access Control” on page 129, to control which end users and end nodes can send packets through the switch.

What do you need to use the RADIUS protocol? Following are the main points.

ˆYou must install RADIUS server software on a network server or management station. Authentication protocol server software is not available from Allied Telesyn.

ˆThe RADIUS server must be communicating with the switch through a port that is an untagged member of the Default VLAN.

ˆIf the RADIUS server is on a different subnet from switch, be sure to specify a default gateway in the System IP Configuration Menu, shown in Figure 5 on page 31, so that the switch and server can communicate with each other.

ˆYou need to configure the RADIUS server software on the authentication server by specifying the username and password combinations. The maximum length of a username or password is 12 alphanumeric characters.

Note

This manual does not explain how to configure RADIUS server software. Refer to the documentation that came with the software for instructions.

ˆYou must activate the RADIUS client software on the switch using the AT-S79 management software and configure the settings. This is explained in “Configuring the RADIUS Client” on page 143. By default, authentication protocol is disabled.

Note

For more information on the RADIUS authentication protocol, refer to the RFC 2865 standard.