12: User Authentication
SLC™ 8000 Advanced Console Manager User Guide 271
2. Enter the following:
Enable RADIUS Displays selected if you enabled this method on the User Authentication page. If
you want to set up this authentication method but not enable it immediately, clear
the checkbox.
Note: You can enable RADIUS here or on the first User Authentication page. If
you enable RADIUS here, it automatically displays at the end of the order of
precedence on the User Authentication page.
RADIUS Server #1 IPv4 or IPv6 address or hostname of the primary RADIUS server. This RADIUS
server may be a proxy for SecurID.
SecurID is a two-factor authentication method based on the user's SecurID token
and pin number. The SecurID token displays a string of digits called a token code
that changes once a minute (some tokens are set to change codes every 30
seconds).
Server #1 Port Number of the TCP port on the RADIUS server used for the RADIUS service. If you
do not specify an optional port, the SLC unit uses the default RADIUS port (1812).
Server #1 Secret Text that serves as a shared secret between a RADIUS client and the server (SLC
unit). The shared secret is used to encrypt a password sent between the client and
the server. May have up to 128 characters.
RADIUS Server #2 IPv4 or IPv6 address or host name of the secondary RADIUS server. This server
can be used as a SecurID proxy.
Server #2 Port Number of the TCP port on the RADIUS server used for the RADIUS service. If you
do not specify an optional port, the SLC 8000 advanced console manager uses the
default RADIUS port (1812).
Server #2 Secret Text that serves as a shared secret between a RADIUS client and the server (SLC
unit). The shared secret is used to encrypt a password sent between the client and
the server. May have up to 128 characters.
Timeout The number of seconds (1-30) after which the connection attempt times out. The
default is 30 seconds.
Use VSA Select the check box to obtain remote user attributes (group/permissions and port
access) from the RADIUS server via the Vendor-Specific Attribute (VSA). For
details on the format of the VSA, see User Attributes & Permissions from LDAP
Schema or RADIUS VSA on page 273.
Custom Menu If custom menus have been created, you can assign a default custom menu to
RADIUS users.
Escape Sequence A single character or a two-character sequence that causes the SLC unit to leave
direct (interactive) mode. (To leave listen mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed quickly
but not simultaneously). You would specify this value as \x1bA, which is
hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the
connect direct command on the
command line interface when the endpoint of the command is
deviceport,
tcp, or udp.
See Key Sequences on page 230 for notes on key sequence precedence and
behavior.
Break Sequence A series of 1-10 characters users can enter on the command line interface to send
a break signal to the external device. A suggested value is Esc+B (escape key,
then uppercase “B” performed quickly but not simultaneously). You would specify
this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
To Next Page
Loading...
Need help?
General
