To configurea R ADIUS authenticationserver:
Performth e following p rocedure to configure a RADIUS auth entication server wh en the
console server or any of its po rts are configured to u se RADIUS authenticat ion method or a ny
of its variation s (Local/RADIUS, RADIUS/Local o r RADIUS/DownLocal).
1. Go to Security - Au thentication - RADIUS in Expert mode.
2. Fill in the form according to your local RAD IUSserver configurati on.
3. Click apply changes.
Group authorizationon RADI US
Group information retrieval from a RAD IUS authentication server adds ano ther layer of security
by adding a netwo rk-based authorization. It retrieves the grou p information from the
authenticati on server and performs an auth orization through the co nsole server.
NOTE: Whenconfiguring the R ADIUS authenticationser ver, selectthe Enable Service-Type attribute checking
checkboxto authorize the consoleserver to retr ievethe level of the user (admin or r egular) based on the Service-
Typeattr ibute from the RADIUS server. De selectthe checkbox to authorize the consoleserver to r etrieve the level
ofuser based on the gr oup_name attribute sent by the RADIUS server.
To configurea TA CACS+ authenticationserver:
Performth e following p rocedure to configure a TACACS+ au thentication server when th e
console server or any of its po rts are configured to u se TACACS+ authent ication method or any
of its variation s (Local/TACACS+, TACACS+/Loc al or TACACS+/Dow nLocal).
1. Go to Security - Au thentication - TACACS+ in Exp ert mode. The TACACS+ form display s.
2. Fill in the form according to your local TACA CS+ serverconfig uration.
3. To apply Authoriza tion in addition to aut hentication to the box and p orts,selec t the
Enable Raccess Autho rization checkbox.
By default, Raccess Au thorization is d isabled and no addition al authorization is
implemented. When Raccess Auth orization is enab led, the autho rization level o f users
trying to access the con sole server or its ports usin g TACACS+ authe ntication is
checked. Users with administrator p rivileges have admin istrative access and u sersw ith
regular user privileges have regula r user access.
4. To specify a time-out period in seconds for each auth entication attempt, typ e a number in
the Timeout field.
If the authenticatio n serverd oes not respond to the clien t’sl ogin attempt before the
specified time perio d, the login attempt is cancelled. The user may retry dep ending on
the number specified in th e Retries field on this form.
94 Cyclades®ACS50 00 Installation/ Administration/User Gu ide