600CHAPTER 14: BULK CONFIGURATION
There is a security risk associated with configuring RADIUS secrets on the devices over the network because the SNMP protocol that 3Com Network Director uses to configure the devices is unencrypted. It is possible that a user of the network could deliberately intercept the packets sent out during the bulk configuration operation and determine from them the RADIUS secret used. This risk can be reduced by scheduling bulk configuration of RADIUS secrets to take place out of office hours, or eliminate the risk by configuring the devices individually using a console connection.
The RADIUS Servers feature places restrictions on the values that can be set for the following parameters:
Table 92 RADIUS servers feature restrictions
Parameter | Restriction |
|
|
IP Address | The IP address of a RADIUS server. The same address |
| cannot be entered for both a primary and a backup |
| authentication or accounting server. However, the same |
| address can be used as both an authentication and |
| accounting server if desired. |
Port | The port on which the RADIUS service is available. The port |
| must be in the range |
Secret | The shared secret has a maximum length of 30 characters |
| and a minimum length of 8 characters. |
Timeout | The timeout for RADIUS authentication and accounting |
| requests. The timeout must be in the range |
Retries | The number of retries for RADIUS authentication and |
| accounting requests. The number of retries must be in the |
| range |
|
|
Configuring System Information
The System Information feature allows the configuration of the basic device summary information that the devices make available to network management applications.