Specifications
Switch Management 7-25
7. Select a Radius server from the table and click the Edit button to modify how the authentication method
is used. For more information, see Modifying the Properties of an Existing Radius Server on page 7-25.
8. Highlight a Radius Server from those listed and click the Delete button to remove the server from the list
of available servers.
9. Click the Add button at the bottom of the screen to display a sub-screen used to add a Radius Server to
the list of servers available to the switch. For more information, see
Adding a New Radius Server on page 7-26.
7.6.2.1 Modifying the Properties of an Existing Radius Server
Some of the attributes of an existing Radius Server can be modified by the WS5100 to better reflect the
Radius Server’s existing connection with the switch.
To modify the attributes of an existing Radius Server:
1. Select Management Access > Users from the main menu tree.
The Users screen displays.
2. Click on the Authentication tab.
3. Select an existing Radius Server from those listed and click the Edit button at the bottom of the screen.
4. Modify the following Radius Server attributes as necessary:
Shared Secret Displays the shared secret used to verify Radius messages (with the exception of the Access-
Request message) are sent by a Radius-enabled device configured with the same shared
secret. The shared secret is a case-sensitive string that can include letters, numbers, or
symbols. Ensure the shared secret is at least 22 characters long to protect the Radius server
from brute-force attacks.
Retries Displays the maximum number of times for the switch to retransmit a Radius Server frame
before it times out the authentication session.
Timeout Displays the maximum time (in seconds) the switch waits for the Radius Server’s
acknowledgment of authentication request packets before the switch times out of the
session.
Radius Server Index Revise the numerical Index value for the Radius Server to help distinguish this Radius Server
from other servers with a similar configuration (if necessary). The maximum number that can
be assigned is 32.
Radius Server IP
Address
Modify the IP address of the external Radius server (if necessary). Ensure this address is a
valid IP address and not a DNS name.
Radius Server Port Change the TCP/IP port number for the Radius Server (if necessary). The port range available
for assignment is from 1 - 65535.
Number of retries to
communicate with
Radius Server
Revise (if necessary) the maximum number of times for the switch to retransmit a Radius
Server frame before it times out the authentication session. The available range is between
0 - 100.
Time to wait for
Radius Server to reply
Revise (if necessary) the maximum time (in seconds) the switch waits for the Radius Server’s
acknowledgment of authentication request packets before the switch times out of the
session. The configurable range is between 1 - 1000 seconds.
Encryption key shared
with Radius Server
Enter the encryption key the switch and Radius Server share and must validate before the user
based authentication provided by the Radius Server can be initiated.