User Guide
Quick-Start Guide for Nortel Networks 5399 and 8000 Access Switches
12 300855-C Rev. 00
RADIUS Security
With the RADIUS server up and running, find out the service ports that the
RADIUS server is using. The service ports will usually be 1645/udp for
authentication and 1646/udp for accounting. To set up RADIUS security:
1. Log on to the RAC as superuser and run admin. Enable security on the
RAC by entering:
admin: set annex enable_security y
2.
Configure the RADIUS host.
a. Set the RAC’s RADIUS host.
admin: set annex pref_secure1_host
<ip addr of radius host>
b. Set the RAC’s service port for authentication on the RADIUS host.
admin: set annex radius_auth1_port
<1645 or 1812>
c. Set the RAC’s accounting host.
admin: set annex radius_acct1_host
<ip addr of radius acct1 host>
d. Set the RAC’s service port for accounting on the RADIUS acct1 host.
admin: set annex radius_acct1_port
<1646 or 1813>
e. Set the authentication protocol on the RAC.
admin: set annex auth_protocol radius
3.
Enable the RADIUS client on the RAC.
admin: set annex enable_radius_acct y
4.
Set the secret authentication password that is shared between the
RADIUS host and the RAC.
admin: set annex radius_auth1_secret
<secret>
5. Set the secret accounting password that is shared between the RADIUS
host and the RAC.
6. admin: set annex radius_acct1_secret
<secret>
Note: The secret entries made in Steps 6 and 7 must be made in the clients file
on the RADIUS server for the RAC with the same
<secret>
.