White Papers

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S5000

811

812

813

814

815

816

817

818

819

820

• The administrator changes the idle-time of the line on which the user has logged in.

• The idle-time is lower than the RADIUS-returned idle-time.

ACL Conguration Information

The RADIUS server can specify an ACL. If an ACL is congured on the RADIUS server, and if that ACL is present, the user may be allowed

access based on that ACL.

If the ACL is absent, authorization fails, and a message is logged indicating this.

RADIUS can specify an ACL for the user if both of the following are true:

• If an ACL is absent.

• If there is a long delay for an entry, or a denied entry because of an ACL, and a message is logged.

NOTE: The ACL name must be a string. Only standard ACLs in authorization (both RADIUS and TACACS) are supported.

Authorization is denied in cases using Extended ACLs.

Auto-Command

You can congure the system through the RADIUS server to automatically execute a command when you connect to a specic line.

The auto-command command is executed when the user is authenticated and before the prompt appears to the user.

• Automatically execute a command.

auto-command

Setting Access to Privilege Levels through RADIUS

To congure a privilege level for users to enter into when they connect to a session, use the RADIUS server. This value is congured on the

client system.

Congure a privilege level.

privilege level

Conguration Task List for RADIUS

To authenticate users using RADIUS, specify at least one RADIUS server so that the system can communicate with and congure RADIUS

as one of your authentication methods.

The following list includes the conguration tasks for RADIUS.

• Dening a AAA Method List to be Used for RADIUS (mandatory)

• Applying the Method List to Terminal Lines (mandatory except when using default lists)

• Specifying a RADIUS Server Host (mandatory)

• Setting Global Communication Parameters for all RADIUS Server Hosts (optional)

• Monitoring RADIUS (optional)

For a complete listing of all Dell Networking OS commands related to RADIUS, refer to the Security chapter in the Dell Networking OS

Command Line Reference Guide.

NOTE

: RADIUS authentication and authorization are done in a single step. Hence, authorization cannot be used independent of

authentication. However, if you have congured RADIUS authorization and have not congured authentication, a message is

logged stating this. During authorization, the next method in the list (if present) is used, or if another method is not present, an

error is reported.

Security 817