Installation guide
Switch Security
6-78
4. Refer to the LDAP Server Details field to define the primary and secondary Radius LDAP server
configuration providing access to an external database used with the local Radius server.
5. Click the Apply button to save the changes made within the screen.
Cert Trustpoint
Click the View/Change button to specify the trustpoint from
which the Radius server automatically grants certificate enrollment
requests. A trustpoint is a representation of a CA or identity pair. A
trustpoint contains the identity of the CA, CA-specific configuration
parameters, and an association with one enrolled identity
certificate. If the server certificate trustpoint is not used, the
default trustpoint is used instead.
CA Cert Trustpoint
Click the View/Change button to specify the CA certificate
trustpoint from which the Radius server automatically grants
certificate enrollment requests. A trustpoint is a representation of
a CA or identity pair. A trustpoint contains the identity of the CA,
CA-specific configuration parameters, and an association with one
enrolled identity certificate.
If a CA trustpoint is not specified, the default trustpoint's CA
certificate is used as the CA certificate. If the default trustpoint
does not have a CA certificate, the server certificate itself will be
used as the CA certificate.
NOTE: EAP-TLS will not work with a default trustpoint. Proper CA and Server trustpoints
must be configured for EAP-TLS. For information on configuring certificates for use
with the switch, see Creating Server Certificates on page 6-86.
IP Address
Enter the IP address of the external LDAP server acting as the data
source for the Radius server. This server must be accessible from
an active subnet on the switch.
Port
Enter the TCP/IP port number for the LDAP server acting as the
data source.
Password Attribute
Enter the password attribute used by the LDAP server for
authentication.
Bind DN
Specify the distinguished name to bind with the LDAP server.
Bind Password
Enter a valid password for the LDAP server.
Base DN
Specify a distinguished name that establishes the base object for
the search. The base object is the point in the LDAP tree at which
to start searching.
User Login Filter
Enter the login used by the LDAP server for authentication.
Group Filter
Specify the group filters used by the LDAP server.
Group Membership Attribute
Specify the Group Member Attribute sent to the LDAP server
when authenticating users.
Group Attribute
Specify the group attribute used by the LDAP server.
Net Timeout
Enter a timeout value the system uses to terminate the connection
to the Radius Server if no activity is detected.
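The following added example (not part of the original guide and not the switch's own code) shows how the LDAP fields above typically combine into the searches a Radius server sends, and why a supplied user name must be escaped (RFC 4515) before it is placed in the User Login Filter. The "%u" placeholder, the function names, and every sample value are assumptions made for illustration.

```python
# Added illustration, not the switch's own code. Field names mirror the screen;
# the "%u" placeholder and every sample value are assumptions.

# RFC 4515 section 3: characters that must be escaped in a filter value.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}


def escape_filter_value(value):
    """Escape untrusted text before placing it inside an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def user_search(cfg, username):
    """Search that locates the user entry and fetches the Password Attribute."""
    if not username:
        raise ValueError("empty username")
    return {
        "bind_as": cfg["bind_dn"],
        "base": cfg["base_dn"],
        "filter": cfg["user_login_filter"].replace("%u", escape_filter_value(username)),
        "attrs": [cfg["password_attribute"]],
    }


def group_search(cfg, user_dn):
    """Search that finds groups listing user_dn in the Group Membership Attribute."""
    member = "(%s=%s)" % (cfg["group_membership_attribute"], escape_filter_value(user_dn))
    return {
        "bind_as": cfg["bind_dn"],
        "base": cfg["base_dn"],
        "filter": "(&%s%s)" % (cfg["group_filter"], member),
        "attrs": [cfg["group_attribute"]],
    }


# Constructed sample configuration (hypothetical directory layout).
SAMPLE_CFG = {
    "bind_dn": "cn=radius-svc,ou=services,dc=example,dc=com",
    "base_dn": "dc=example,dc=com",
    "password_attribute": "userPassword",
    "user_login_filter": "(uid=%u)",
    "group_filter": "(objectClass=groupOfNames)",
    "group_membership_attribute": "member",
    "group_attribute": "cn",
}

if __name__ == "__main__":
    print(user_search(SAMPLE_CFG, "alice")["filter"])
    print(group_search(SAMPLE_CFG, "uid=alice,ou=people,dc=example,dc=com")["filter"])
```

Without the escaping step, a user name containing filter metacharacters would change the structure of the search rather than being matched literally.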