RADIUS configuration 106
SmartWare Software Configuration Guide 8 • RADIUS Client Configuration
node(pf-auth)[remote-~]#exit
node(cfg)#
node(cfg)#profile authentication local-only
node(pf-auth)[local-o~]#method local
node(pf-auth)[local-o~]#method none
node(pf-auth)[local-o~]#exit
node(cfg)#terminal Telnet use authentication remote-radius
node(cfg)#terminal console use authentication local-only
node(cfg)#show profile authentication
Authentication Profile: default
Server-Timeout: 10
Methods:
local (Type=local)
none (Type=none)
Authentication Profile: remote-radius
Server-Timeout: 15
Methods:
radius_deepblue (Type=radius)
radius_extern (Type=radius)
local (Type=local)
Authentication Profile: local-only
Server-Timeout: 10
Methods:
local (Type=local)
none (Type=none)
node(cfg)#
Note If you do not configure AAA, a default AAA profile exists containing the
AAA local as the first AAA method and the AAA none as the second. The Tel-
net login and the console login service use this profile. If an emergency
occurs, you can reload this default configuration by reloading the factory
configuration as described in section “Boot procedure” on page 74.
RADIUS configuration
RADIUS is a protocol for carrying authentication, authorization, and configuration information between a
network access server (NAS) that desires to authenticate its links and a shared authentication server. A NAS
operates as a client of RADIUS. The client is responsible for passing user information to designated RADIUS
servers and then acting on the response that is returned. RADIUS servers are responsible for receiving user con-
nection requests, authenticating the user, and then returning all configuration information necessary for the
client to deliver service to the user.
Possible lock-out —If you delete the local and none methods
from the default AAA profile, or if you create and use a profile
without methods local and none, you will be unable to access
your device if the network or RADIUS server is not available.
IMPORTAN
T