172 Configuring authentication
ATTENTION
If you ran the quick setup wizard during initial setup, the Local database
authentication method has been created as Authentication 1.
You can configure more than one authentication method within a Nortel
SNAS domain. You determine the order in which the methods are
applied by default. Client credentials are checked against the various
authentication databases until the first match is found.
You can configure the methods so that their names display on the portal
login page (see “Configuring authentication methods” (page 177)). You
can then direct clients to select a specific authentication server (for
example, for direction to a specific Windows domain). If the client selects
a Login Service name, the authentication request is directed immediately
to the specified service. Otherwise, authentication defaults to being
carried out according to the authentication order you have configured (see
“Specifying authentication fallback order” (page 209)).
For general information about authentication within the Nortel SNAS, see
Nortel Secure Network Access Solution Guide, (NN47230-200).
Before you begin
Before you configure authentication on the Nortel SNAS, you must
complete the following tasks:
Step Action
1Create the Nortel SNAS domain, if applicable (see “Creating a
domain” (page 83)).
If you ran the quick setup wizard during initial setup, doamin #
has been created on the Nortel SNAS.
ATTENTION
With Nortel Secure Network Access Switch Software Release 1.6.1,
you cannot configure the Nortel SNAS to have more than one
domain.
2Create and configure the groups (see “Configuring groups and
profiles” (page 149)).
3For external authentication servers, create or modify settings on
the external server as required.
aA free RADIUS server may require specific settings in the
clients.conf file and the Users file to match group parameters
you may have configured on the Nortel SNAS.
bA Steel-belted RADIUS server requires specific settings in the
vendor.ini file, master dictionary, and vendor dictionary.
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007,2008 NortelNetworks
.