The authentication server needs to be correctly configured if administrator authentication uses the Remote Authentication Dial-In User Service (RADIUS).
Prerequisites
An authentication server is available.
NOTE: Procedure
- Choose .
- Click
.
- On the Modify RADIUS Server page,
set RADIUS server parameters that are listed in Table 1.
Table 1 Configuring the RADIUS server Parameter Description Value Auth mode
Mode for the RADIUS server to authenticate administrators.
PAP: uses a plain text password and requires two-way handshakes.
Compared with CHAP authentication, it is superior in authentication efficiencies but inferior in security.
CHAP: uses a cipher text password and requires three-way handshakes.
Compared with PAP authentication, it is superior in security but inferior in authentication efficiencies.
Main and spare RAIDIUS servers need to use the same authentication method.
如果选择明文模式,有较高安全风险,所以请尽量选择密文模式。
Main IP address
IP address of the main RADIUS server.
-
Spare IP address
IP address of the spare RADIUS server.
-
Port
Port of the RADIUS server.
Main and spare RAIDUS servers need to use the same port.
Shared key
Encrypts RADIUS authentication packets to safeguard authentication information during transfer.
To authenticate the identities of involved parties, the shared key must be the same as the key configured on the RADIUS server.
Main and spare RAIDIUS servers need to use the same shared key.
Shared key suggest contain letters, digits, and special characters at the same time. And should be longer than 8 characters.
- Click OK.