Manualshelf

Service manual

ManualsBrandsAvocent ManualsComputer equipmentCyclades ACS
51525354555657585960
46 Cyclades ACS 5000 Advanced Console Server Command Reference Guide
To configure a RADIUS authentication server:
1. On the Radius server, edit /etc/raddb/users and add a new string attribute (ATTRIBUTE
Framed-Filter-Id) similar to the following example.
groupuser1 Auth-Type= Local, Password =”xxxx”
Service-Type=Callback-Framed-User,
Callback-Number=”305”,
Framed-Protocol=PPP,
Framed-Filter-Id
Framed-Filter-Id=”group_name=<Group1>[,<Group2>,...,<GroupN>]”;
Fall-Through=No
If the Frame-Filter-Id already exists, add the group_name to the string starting with a colon (:).
2. On the console server, use the CLI utility to edit the parameters described in the
following table.
cli> config security authentication [parameter] <value>
Table 3.9: Radius Configuration Parameters
Parameter Value Description
radiusauthsvr1 <n.n.n.n> This address indicates the location of the Radius
authentication server. A second Radius authentication server
may be configured with the parameter radiusauthsvr2.
radiusacctsvr1 <n.n.n.n> This address indicates the location of the Radius accounting
server, which may be used to track how long users are
connected after being authorized by the authentication server.
Its use is optional. If this parameter is not used, accounting
cannot be performed. If the same server is used for
authentication and accounting, both parameters must be filled
with the same address. A second Radius accounting server
may be configured with the parameter accthost2.
radiussecret <radiussecret>
This is the shared secret (password) necessary for communication
between the
console server
and the Radius servers.
radiustimeout <number> This is the timeout (in seconds) for a Radius authentication
query to be answered.
radiusretries <number> Defines the number of times each Radius server is tried before
another is contacted. The first server radiusauthhost1 is tried
for the specified number of times, before the second
radiusauthhost2, if configured, is contacted and tried for the
specified number of times. If the second server fails to
respond, Radius authentication fails.