Manuals / Black Box / Computer Equipment / Switch

Black Box 24 + or 48 + 4-Port Gigabit Managed Switch with SFP+ 10G, LGB5052A, LGB5028A Security

Models: LGB5028A LGB5052A 24 + or 48 + 4-Port Gigabit Managed Switch with SFP+ 10G

1 232
Download 232 pages 37.76 Kb
Page 194
Image 194

Chapter 7: Security

Parameter Description

Authentication Server Configuration

Timeout: The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server.

If the server does not reply within this timeframe, we will consider it to be dead and continue with the next enabled server (if any).

RADIUS servers are using the UDP protocol, which is unreliable by design. To cope with lost frames, the timeout interval is divided into 3 subintervals of equal length. If a reply is not received within the subinterval, the request is transmitted again. This algorithm causes the RADIUS server to be queried up to 3 times before it is considered to be dead.

Dead Time: The Dead Time, which can be set to a number between 0 and 3600 seconds, is the period during which the switch will not send new requests to a server that has failed to respond to a previous request. This will stop the switch from continually trying to contact a server that it has already determined is dead.

Setting the Dead Time to a value greater than 0 (zero) will enable this feature, but only if more than one server has been configured.

TACACS+ Authorization and Accounting Configuration

Authorization: Select Enabled or Disabled.

Fallback to Local Authorization: Select Enabled or Disabled.

Accounting: Select Enabled or Disabled.

RADIUS Authentication Server Configuration

The table has one row for each RADIUS authentication server and a number of columns:

#: The RADIUS authentication server number for which the configuration below applies.

Enabled: Enable the RADIUS authentication server by checking this box.

IP Address/Hostname: The IP address or hostname of the RADIUS authentication server. IP address is expressed in dotted decimal notation.

Port: The UDP port to use on the RADIUS authentication server. If the port is set to 0 (zero), the default port (1812) is used on the RADIUS authentication server.

Secret: The secret—up to 29 characters long—shared between the RADIUS authentication server and the switch.

RADIUS Accounting Server Configuration

The table has one row for each RADIUS accounting server and a number of columns:

#: The RADIUS accounting server number for which the configuration below applies.

Enabled: Enable the RADIUS accounting server by checking this box.

IP Address/Hostname: The IP address or hostname of the RADIUS accounting server. IP address is expressed in dotted decimal notation.

Port: The UDP port to use on the RADIUS accounting server. If the port is set to 0 (zero), the default port (1813) is used on the RADIUS accounting server.

Secret: The secret—up to 29 characters long—shared between the RADIUS accounting server and the switch.

TACACS+ Authentication Server Configuration

The table has one row for each TACACS+ authentication server and a number of columns:

#: The TACACS+ Authentication Server number for which the configuration below applies.

Page 194

724-746-5500 blackbox.com

LGB5028A User‘s Manual

 

 

Page 193 Page 195
Page 194
Image 194
Black Box 24 + or 48 + 4-Port Gigabit Managed Switch with SFP+ 10G, LGB5052A, LGB5028A user manual Security
Page 193 Page 195