Manualshelf

User guide

ManualsBrandsExtreme Networks ManualsComputer equipmentExtremeWare Enterprise Manager
301302303304305306307308309310
ExtremeWare EPICenter Software Installation and User Guide 15-11
RADIUS Administration
3 Enter the RADIUS server’s shared secret in the Radius Secret field.
This string is basically a shared key by which the RADIUS server and its clients
recognize each other, and which they use for secure transmission of user passwords.
If you change the secret in the RADIUS server, you must also change it in any
of the RADIUS clients (Extreme switches) that use the RADIUS server for user
authentication.
4 The default port used for the RADIUS server is 1645.To change the server port, enter
the port number in the RADIUS Port field.
If you change the RADIUS server port, you must make sure that the ports used
in any RADIUS clients (Extreme switches that use this RADIUS server for user
authentication) match the port you enter for the server.
To enable EPICenter as a RADIUS client, do the following:
1 Click the RADIUS Administration tab at the top of the page.
2 Click the Enable EPICenter as a RADIUS Client button at the top of the page.
This enables the fields in the Client Configuration panel.
3 Fillinthefields (servernameorIP address,port,andsharedsecret)fortheprimaryand
secondary RADIUS servers as appropriate.
It is recommended, but not required, that both a primary and a secondary RADIUS
server be available for authentication.
4 Click Apply to have the configuration changes take effect.
5 To enable or disable the RADIUS server, click the appropriate button.
Enabling the RADIUS server means that Extreme switches can act as RADIUS clients,
authenticating users against the RADIUS server’s database of users, as administered
through theEPICenter.Thus, evenifa user accesses the switch directlythrough Telnetor a
browser, the RADIUS server will provide the authentication service.
Disabling the RADIUS server means that it will not be available for authenticating users.
In this case, each Extreme switch must maintain its own list of users and access
permissions, and users will need to remember a (possibly different) login and password
for every switch.
If you have enabled the EPICenter RADIUS server, authentication activity islogged to the
file
radius_log.txt, found in the EPICenter root install directory.