Lantronix SLC 8000 manual Tcp, or udp

11: User Authentication

2. Enter the following:

Enable RADIUS

Displays selected if you enabled this method on the User Authentication page. If

you want to set up this authentication method but not enable it immediately, clear

the checkbox.

Note: You can enable RADIUS here or on the first User Authentication page. If

you enable RADIUS here, it automatically displays at the end of the order of

precedence on the User Authentication page.

RADIUS Server #1

IP address or hostname of the primary RADIUS server. This RADIUS server may

be a proxy for SecurID.

SecurID is a two-factor authentication method based on the user's SecurID token

and pin number. The SecurID token displays a string of digits called a token code

that changes once a minute (some tokens are set to change codes every 30

seconds).

Server #1 Port

Number of the TCP port on the RADIUS server used for the RADIUS service. If you

do not specify an optional port, the SLC unit uses the default RADIUS port (1812).

Server #1 Secret

Text that serves as a shared secret between a RADIUS client and the server (SLC

unit). The shared secret is used to encrypt a password sent between the client and

the server. May have up to 128 characters.

RADIUS Server #2

IP address or host name of the secondary RADIUS server. This server can be used

as a SecurID proxy.

Server #2 Port

Number of the TCP port on the RADIUS server used for the RADIUS service. If you

do not specify an optional port, the SLC 8000 advanced console manager uses the

default RADIUS port (1812).

Server #2 Secret

Text that serves as a shared secret between a RADIUS client and the server (SLC

unit). The shared secret is used to encrypt a password sent between the client and

the server. May have up to 128 characters.

Timeout

The number of seconds (1-30) after which the connection attempt times out. The

default is 30 seconds.

Use VSA

Select the check box to obtain remote user attributes (group/permissions and port

access) from the RADIUS server via the Vendor-Specific Attribute (VSA). For

details on the format of the VSA, see User Attributes & Permissions from LDAP

Schema or RADIUS VSA on page 200.

Custom Menu

If custom menus have been created, you can assign a default custom menu to

RADIUS users.

Escape Sequence

A single character or a two-character sequence that causes the SLC unit to leave

direct (interactive) mode. (To leave listen mode, press any key.)

A suggested value is Esc+A (escape key, then uppercase "A" performed quickly

but not simultaneously). You would specify this value as \x1bA, which is

hexadecimal (\x) character 27 (1B) followed by an A.

This setting allows the user to terminate the connect direct command on the

command line interface when the endpoint of the command is deviceport,

tcp, or udp.

Break Sequence

A series of 1-10 characters users can enter on the command line interface to send

a break signal to the external device. A suggested value is Esc+B (escape key,

then uppercase “B” performed quickly but not simultaneously). You would specify

this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.

Enable for Dial-back

Select to grant a user dial-back access. Users with dial-back access can dial into

the SLC 8000 advanced console manager and enter their login and password.

Once the SLC device authenticates them, the modem hangs up and dials them

back. Disabled by default.

SLC™ 8000 Advanced Console Manager User Guide

197