246Chapter 6 Configuring authentication

The RADIUS menu displays.

The RADIUS menu includes the following options:

/cfg/domain 1/aaa/auth #/radius followed by:

servers

Accesses the RADIUS servers menu, in order to

 

manage the external RADIUS servers configured for

 

the domain (see “Managing RADIUS authentication

 

servers using the CLI” on page 247).

 

 

vendorid <vendor ID>

Specifies the vendor-specific attribute used by the

 

RADIUS server to send group names to the Nortel

 

SNAS 4050. The default Vendor-Id is 1872 (Alteon).

 

To use a standard RADIUS attribute rather than the

 

vendor-specific one, set the vendor ID to 0 (see also

 

vendor type).

 

Note: If authproto is chapv2, the Vendor-Id must

 

be set to 311 (Microsoft).

 

 

vendortype <vendor

Specifies the Vendor-Type value used in combination

type>

with the Vendor-Id to identify the groups to which the

 

user belongs. The group names to which the

 

vendor-specific attribute points must match names you

 

define on the NSNAS. The default is 1.

 

If you set the vendor ID to 0 in order to use a standard

 

RADIUS attribute (see vendor ID), set the vendor type

 

to a standard attribute type as defined in RFC 2865.

 

For example, to use the standard attribute Class, set

 

the vendor ID to 0 and the vendor type to 25.

 

 

domainid <domain ID>

Specifies the vendor-specific attribute used by the

 

RADIUS server to send domain names to the NSNAS.

 

The default Vendor-Id is 1872 (Alteon).

 

Note: If authproto is chapv2, consider setting the

 

Vendor-Id for the domain to 10 (MS-CHAP-Domain).

 

 

domaintype <domain

Specifies the Vendor-Type value used in combination

type>

with the Vendor-Id to identify the domain. The default

 

is 3.

 

 

authproto papchapv2

Specifies the protocol used for communication between

 

the Nortel SNAS 4050 and the RADIUS server. The

 

options are:

 

pap — Password Authentication Protocol (PAP)

 

chapv2 — Challenge Handshake Authentication

 

Protocol (CHAP), version 2

 

The default is PAP.

 

 

320818-A

Page 246
Image 246
Nortel Networks 4050 manual Cfg/domain 1/aaa/auth #/radius followed by, Type