Configuring a RADIUS Authentication Server on the Command LineThe following list defines the values that to define when configuring a RADIUS authentication server on the OnSite.
•
•
• auth1: The first RADIUS authentication server.
• acct1: The first RADIUS accounting server.
• server: The RADIUS server IP address.
•
• secret : The shared password required for communication between the OnSite and the RADIUS server.
• timeout : How long the authentication server should wait before sending a success or failure response. The default is 3 seconds.
• retries : The number of times the RADIUS server is tried before the second defined RADIUS server is contacted. The default is 2.To Configure a RADIUS Authentication Server on the Command Line
1. On the OnSite, open the /etc/raddb/server file for editing.
2. Make an entry for the RADIUS server (auth1), an accounting server (acct1), and if desired, make an entry for a second RADIUS authentication server (auth2) and for a second accounting server (acct2), by performing the following steps for each server.The following screen example shows entries that define the RADIUS authentication server and the accounting server to be the same server with the same IP address, sets the secret to cyclades, the timeout to 5 seconds, and the number of retries to 5.Multiple RADIUS servers can be configured in this file. The servers are tried in the order in which they appear. If a server fails to respond, the next configured server is tried.To Configure User or Group Authorization for Accessing Serial Ports [CLI]
1. Log into the OnSite console and bring up the CLI utility.
2. Enter the parameters shown in the following screen example, followed by a comma-separated list of usernames or groupnames.
cli > config physicalports serial_port_number access
users/groups comma-separated_list_of_usernames_or_groupnames
cli > config savetoflash