Specifications

ManualsBrandsServer Technology ManualsComputer equipmentPT22

111

112

113

114

115

116

117

118

119

120

Advanced Operations  113

Installation and Operations Manual

RADIUS

The PT22 supports the Remote Authentication Dial-in User Service (RADIUS) protocol. RADIUS

provides a centralized network protocol to enable remote authentication and authorization, such as user

names and passwords. With a central RADIUS server, user accounts do not need to be individually

created locally on each unit. This allows administrators to pre-define and configure (in each PT22 and

in the RADIUS server), a set of necessary RADIUS privilege levels and user access rights for each

level.

RADIUS is also used in enterprise-wide networks because it provides the administrator with high

performance, less memory usage, less CPU cycles on routers and switches, and an open standard that is

easily interoperable within the network.

In addition to the protocol-required attributes, the RADIUS authentication process can be extended by

using private vendor-specific attributes (VSA). This extension allows Server Technology to create its

own proprietary attributes to support features and services using the PT22 in the RADIUS

authentication process.

RADIUS Command Summary

Command Description

Set Authorder Specifies the authentication order for each new session attempt

Set RADIUS Enables or disables RADIUS support

Set RADIUS…Server Configures the address of the RADIUS server

Set RADIUS…Secret Sets the shared secret for the RADIUS server

Set RADIUS…Port Sets the port number of the RADIUS server

Set RADIUS…Timeout Configures the timeout interval for the RADIUS server

Set RADIUS…Retries Sets the number of retries for the RADIUS server

Show RADIUS Displays RADIUS configuration settings

Enabling and Setting Up RADIUS Support

The following configuration tasks are required to properly enable and set up RADIUS support on the

primary and secondary RADIUS servers.

Enabling and disabling RADIUS support:

The Set RADIUS command enables or disables RADIUS support.

To enable or disable RADIUS support:

At the Switched CDU: prompt, type set radius, followed by enabled or disabled, and press Enter.

Setting the authentication order:

The Set Authorder command sets the authentication order for remote authentication sessions. The

PT22 supports two methods for authentication order: Remote -> Local and Remote Only.

The Remote -> Local method first attempts authentication with the RADIUS server, and, if

unsuccessful, then attempts authentication with the local user database on the PT22 device.

The Remote Only method attempts authentication only with the RADIUS server, and, if unsuccessful,

access is denied.

NOTE: With the Remote Only method, if authentication fails due to a communication failure with the RADIUS server

automatic authentication fallback will occur to authenticate with the local user data base on the PT22 device.

To set the authentication order:

At the Switched CDU: prompt, type set authorder, followed by remotelocal or remoteonly and press

Enter.

NOTE: Server Technology recommends not setting the authentication order to Remote Only until RADIUS has been

configured and tested.