Enterasys Networks 6E2xx, 6G3xx, 6H2xx, 6H3xx 3.9.1 Setting the Last Resort Authentication, 3.9.2 Setting the Local and Remote Servers

Radius Configuration Screen

3-34 Accessing Local Management

3.9.1 Setting the Last Resort Authentication

The Radius client can be configured to use primary and secondary servers. If the primary server

does not respond within the specified number of retries during the specified time-out period, the

client will then attempt to authenticate using the secondary server. If the secondary server also

does not respond, then the client returns a time-out condition.

The “last resort” platform action in case of Radius server time-out for both local and remote access

is selectable for each type of access:

•Local login via the COM port.

•Remote login via a remote network TELNET connection.

3.9.2 Setting the Local and Remote Servers

Before setting the parameters, refer to Section 3.6.1 and Section 3.9.1 for a better understanding of

Radius Servers and Last Resort Authentication. To set the local and remote server, proceed as

follows:

1. Highlight the Timeout field and enter the maximum time in seconds to establish contact with

the Radius Server before timing out.

2. Highlight the Retries field and enter the desired maximum number of attempts (1…N) to contact

the Radius Server before timing out.

3. Highlight the Last-Resort Action/Local field and select ACCEPT, CHALLENGE, or

REJECT to allow local access at the super-user level with no further attempt at authentication;

revert local module to (legacy) passwords, or not allow local access.

4. Highlight the Last-Resort Action/Remote field select ACCEPT, CHALLENGE, or

REJECT to allow remote access at the super-user level with no further attempt at

authentication, revert remote module to (legacy) passwords, or not allow remote access,

respectively.

5. Use the arrow keys to highlight the IP Address field and enter the IP address (in decimal-dot

format) of the primary and secondary servers being configured for the RADIUS function.

6. Highlight the Secret field and enter a secret string of characters or the primary and secondary

server (16 characters are recommended as per RFC 2865. The maximum is 32 characters).

7. Highlight the Auth Port field and enter the number of the Accounting UDP Port for the Primary

and Secondary server.

8. Use the arrow keys to highlight the SAVE command and press ENTER to save your settings.