SmartWare Software Configuration Guide

8 • RADIUS Client Configuration

 

 

Figure 14 illustrates the authentication procedure for a user logging into a SmartNode that is configured to use RADIUS as authentication method.

AAA Server

(RADIUS)

3. Authentication accepted

4. Access granted

IP

2. Authentication requested

 

User

1. Login Request

Node

Figure 14. Authentication procedure with a RADIUS server

General AAA Configuration

The AAA component consists of AAA profiles and AAA methods. A service (e.g. Telnet) has to specify a profile it wants to apply to all login requests. The profile then specifies the sequence in which methods are applied to obtain AAA information. Figure 15 illustrates the correlation between the Telnet login and console login services.

 

AAA method

Service

radius_deepblue

AAA profile

1

Telnet

 

cli-login

2

radius_extern

 

Console

3

local database

console-

1

 

login

none

 

 

2

Figure 15. How to use AAA methods and AAA profiles

The Telnet service uses an AAA profile called cli-login. This profile specifies that the following methods are used in the order they appear in the configuration:

1.Query RADIUS server radius_deepblue.

2.Query RADIUS server radius_extern.

The AAA component

104

Page 104
Image 104
Patton electronic SmartNode 4110 Series manual General AAA Configuration, Authentication procedure with a Radius server