Manuals / Brands / Computer Equipment / Switch / SMC Networks / Computer Equipment / Switch

SMC Networks SMC6750L2 , S, 2-14, Configuring Radius Logon Authentication

1 272

Download 272 pages, 1.87 Mb

C

ONFIGURING

THE

S

WITCH

2-14Configuring Radius Logon Authentication

Remote Authentication Dial-in User Service (RADIUS) is an

authentication protocol that uses a central ser ver to control access to

RADIUS-compliant devices on the network. A RADIUS ser ver can be

programmed with a database of multiple user nam e/password pairs and

associated privilege levels for each user or group that requi res management

access to this switch using the console port, Telnet or the Web.

When setting up privilege levels on the RADIUS server, level 0 allows

guest (CLI - Normal Exec) access to the switch. Only level 15 allows

administrator (CLI - Privileged Exec) access.

Command Attributes

•Authentication – Select the authentication, or authentication

sequence required:

- Radius – User authentication is performed using a RADIUS server

only.

- Local – User authentication is performed only locally by th e switch.

- Radius, Local – User authentication is attempted first using a

RADIUS server, then locally by the switch.

- Local, Radius – User authentication is first attempted locally by the

switch, then using a RADIUS server.

•Server IP Address – The IP address of the RADIUS server.

•Server Port Number – The UDP port number used by the

RADIUS server.

•Secret Text String – The text string that is shared between the

switch and the RADIUS server.

•Number of Server Transmits – The number of request transmits

to the RADIUS server before failure.

Contents

Main TigerSwitch 10/100 50-Port Layer 2 Switch Management Guide Page Page Page L W IMITED ARRANTY ii iii ONTENTS 1 Switch Management . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 2 Configuring the Switch . . . . . . . . . . . . . . . . . . . . . . . . 2-1 iv v 3 Command Line Interface . . . . . . . . . . . . . . . . . . . . . . 3-1 vi vii viii ix APPENDICES: 1-1 1 S M WITCH ANAGEMENT Connecting to the Switch M 1-2 Required Connections S 1-3 M 1-4 Remote Connections Basic Configuration M 1-6 Setting an IP Address C 1-7 M 1-8 C 1-9 Enabling SNMP Management Access M 1-10 C 1-11 Saving Configuration Settings M 1-12 Managing System Files D 1-13 System Defaults M 1-14 D 1-15 Page 2-1 2 S THE ONFIGURING Navigating the Web Browser Interface Home Page Page Panel Display M 2-5 Main Menu S 2-6 M 2-7 S 2-8 Basic Configuration Displaying System Information C ASIC 2-9 a Telnet button that allows you to access the Command Line Interface via Telnet.) CLI Specify the hostname, location and contact information. S 2-10 Setting the IP Address C 2-11 Manual Configuration Using DHCP/BOOTP S 2-12 2-13 Security Configuring the Logon Password S 2-14 Configuring Radius Logon Authentication 2-15 CLI Commands Managing Firmware F 2-17 S 2-18 Saving or Restoring Configuration Settings F 2-19 Setting the Startup Configuration File S 2-20 Copying the Running Configuration to a File Displaying Bridge Extension Capabilities F 2-21 S 2-22 Displaying Switch Hardware/Software Versions F ANAGING IRMWARE 2-23 Web Click System/Switch Information. Port Configuration C ORT 2-25 CLI This example shows the connection status for Port 13. S 2-26 Configuring Interface Connections C 2-27 Page Page Address Table Settings Page Page Spanning Tree Protocol Configuration S 2-34 Page S 2-36 CLI This command displays global STA settings, followed by the settings for each port. Page S 2-38 T C P 2-39 S 2-40 Web Click STA/STA Port Information or STA Trunk Information. CLI This example shows the STA attributes for port 5. VLAN Configuration S 2-42 Assigning Ports to VLANs 2-43 S 2-44 Forwarding Tagged/Untagged Frames Displaying Basic VLAN Information 2-45 Displaying Current VLANs Command Attributes for Web Interface Page 2-47 Creating VLANs S 2-48 Adding Interfaces Based on Membership Type 2-49 Page 2-51 Configuring VLAN Behavior for Interfaces S 2-52 C Class of Service Configuration Page Page S 2-56 Page S 2-58 Setting the Service Weight for Traffic Classes Page S 2-60 Mapping IP Precedence C S 2-61 S 2-62 Mapping DSCP Priority C ERVICE S OF Page Page S 2-66 Port Trunk Configuration T C RUNK ORT 2-67 S 2-68 Statically Configuring a Trunk SNMP Configuring SNMP Setting Community Access Strings Access Mode Page C 2-71 Multicast Configuration S 2-72 Configuring IGMP Parameters C 2-73 S 2-74 Interfaces Attached to a Multicast Router C 2-75 Displaying Interfaces Attached to a MulticastRouter Specifying Interfaces Attached to a MulticastRouter S 2-76 Page S 2-78 Adding Multicast Addresses to VLANs Command Attribute Showing Device Statistics Page D S EVICE HOWING TATISTICS Page 3 I INE L OMMAND L I 3-2 Telnet Connection C Entering Commands Keywords and Arguments Page C 3-5 Showing Commands Partial Keyword Lookup Page C 3-7 Exec Commands L I 3-8 Configuration Commands C 3-9 Command Line Processing L I Command Groups The system commands can be broken down into the functional groups shown below G 3-11 L I 3-12 General Commands enable C 3-13 disable L I 3-14 configure C 3-15 show history Page C 3-17 exit quit L Flash/File Commands copy C 3-19 L I 3-20 delete C 3-21 dir L I 3-22 whichboot C 3-23 boot system L I System Management Commands M C 3-25 hostname L I 3-26 username M C 3-27 enable password L I 3-28 ip http port Page L I 3-30 logging history M C 3-31 Page Page L I 3-34 Example Related Commands show running-config M C 3-35 show running-config L I 3-36 show system show users M C 3-37 show version L RADIUS Client Commands authentication login RADIUS C C 3-39 radius-server host Page RADIUS C C 3-41 radius-server retransmit L I 3-42 radius-server timeout show radius-server SNMP Commands snmp-server community L I 3-44 snmp-server contact 3-45 snmp-server location snmp-server host L I 3-46 3-47 snmp-server enable traps L I 3-48 show snmp 3-49 IP Commands L I 3-50 ip address 3-51 ip dhcp restart L I 3-52 ip default-gateway 3-53 show ip interface Page 3-55 L I 3-56 Line Commands C 3-57 line L I 3-58 login C 3-59 password L I 3-60 exec-timeout C 3-61 password-thresh L I 3-62 silent-time C 3-63 databits Page C 3-65 stopbits L I 3-66 show line C Interface Commands Page C 3-69 speed-duplex L I 3-70 negotiation C 3-71 capabilities Default Setting L I 3-72 flowcontrol C 3-73 shutdown L I 3-74 switchport broadcast C 3-75 show interfaces status L I 3-76 show interfaces counters C 3-77 show interfaces switchport L I Address Table Commands A C T 3-79 bridge address L I 3-80 show bridge A C T 3-81 clear bridge Page T C 3-83 Command Mode Privileged Exec Spanning Tree Commands L I 3-84 bridge spanning-tree T C 3-85 bridge forward-time Page T C 3-87 bridge priority L I 3-88 bridge-group path-cost T C 3-89 bridge-group priority L I 3-90 bridge-group portfast Page L I 3-92 3-93 VLAN Commands L I 3-94 vlan database 3-95 vlan L I 3-96 interface vlan 3-97 switchport mode L I 3-98 switchport acceptable-frame-types 3-99 switchport ingress-filtering Page 3-101 switchport allowed vlan L I 3-102 switchport forbidden vlan 3-103 show vlan L I 3-104 GVRP and Bridge Extension Commands switchport gvrp Page L I 3-106 garp timer GVRP C E B 3-107 Page C 3-109 Example IGMP Snooping Commands L I 3-110 ip igmp snooping C 3-111 ip igmp snooping vlan static Page C 3-113 show bridge multicast L I 3-114 ip igmp snooping querier C 3-115 ip igmp snooping query-count ip igmp snooping query-interval L I 3-116 ip igmp snooping query-max-response-time C 3-117 ip igmp snooping query-time-out L I 3-118 ip igmp snooping vlan mrouter Page L I 3-120 Priority Commands C 3-121 switchport priority default L I 3-122 queue bandwidth C 3-123 queue cos-map L I 3-124 C 3-125 show queue bandwidth show queue cos-map L I 3-126 map ip port (Global Configuration) C 3-127 map ip port (Interface Configuration) Page C 3-129 Page C 3-131 L I 3-132 show map ip port C 3-133 show map ip precedence L I 3-134 show map ip dscp P Mirror Port Commands port monitor L I 3-136 show port monitor T Port Trunking Commands L I 3-138 channel-group T C 3-139 lacp L I 3-140 PPENDIX A-1 A T ROUBLESHOOTING Troubleshooting Chart A-2 Upgrading Firmware via the Serial Port U P S F A-4 Page Page PPENDIX B-1 B P A IN SSIGNMENTS Console Port Pin Assignments Page G Glossary-1 LOSSARY Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Page I NDEX Index-1 A B R S T U V