User guide
Appendix D: Server Configuration
256
4. The Policy Conditions dialog appears. Click the Add... button.
5. Select the NAS-IP-Address name and click the Add... button. Type
the IP address of the Dominion SX unit.
6. Type a second condition using the name Windows-Group and the
value SX User Group. Click Next>.
7. Select the Grant remote access permission radio button.
8. Click Next>. The Profile dialog appears.
9. Click the Edit Profile... button.
10. Choose the Authentication tab. Deselect all other checkboxes select
the Unencrypted authentication (PAP, SPAP) checkbox.
Note: This version of Dominion SX does not support Challenge
Authentication Protocol (CHAP).
11. Click the Advanced tab. Remove Framed-Protocol.
Note: Each policy has conditions that must be met. If the conditions
are not met, then IAS goes to the next policy and examines the
conditions.
12. Click the Add... button. The RADIUS attributes list appears.
13. Select Filter-Id Name and click the Add button. Click Add in the
Attribute values section. Type the attribute value: Raritan:G{Admin}.
14. Click OK.
15. The value in G{} is the name of a group locally on the SX, in this
case the default Admin group.
The value can be Raritan:G{Admin}:D{1234567890} if you are
using the dial back feature, where 1234567890 is the phone
number for dial back.
The value Raritan:G{Admin} must match with the local group on
the Dominion SX.
The Dominion SX comes from the factory with the default Admin
group.
Additional user groups can be created on Dominion SX unit by
using the User Management>User Group option.
Appropriate port access and user class (Operator or Observer)
can be defined. The group name should be specified in the
Filter-Id attribute value accordingly in order to authorize the
RADIUS user to access the Dominion SX unit
16. Move the new policy so it appears as the first (top) policy in the
Policy List.