This lesson describes how to configure radius for switch management access via telnet and webinterface on devices running HiOS and HiSecOS.
Configure Radius-Server
1.) Click on "Create" and enter IP-address of Radius-Server.
2.) Configure "Shared Secret". Please note that this field will be empty after the next step because of security reasons.
3.) Click on "Set" in order to send new configuration to switch agent.
Optional: Use CLI
Please use following command:
radius server auth add 1 ip <ip-address>
radius server auth modify 1 secret
Configure Authentication List
1.) Configure "defaultLoginAuthList" and insert "radius" as a policy.
2.) Click on "Set" in order to send new configuration to switch agent.
Optional: Use CLI
Please use following command:
authlists set-policy defaultLoginAuthList local radius
Radius Configuration
Service-Types
Service-Type := Administrative-User „admin“
Service-Type := Login-User „operator“
Service-Type := NAS-Prompt-User „user“
No Service-Type reject login