Adtran MX2800 M13 User Manual
MX2800 M13 Multiplexer User Manual
Configuration, Section 3
61200290L1-1G
3-27
Test
A user with write-access privilege level can configure the network interface and T1/E1 interface and can
initiate loopbacks but may not view and/or alter several system-level items such as LAN configurables,
etc.
initiate loopbacks but may not view and/or alter several system-level items such as LAN configurables,
etc.
Admin
With Admin privilege level, all menu items can be viewed and/or altered. Only a user with an Admin user
account can alter the User Account Management information.
account can alter the User Account Management information.
on page 3-30 provides a summary of privileges.
NOTE
The
Load Default Settings
menu item that is located on the
Configuration/
Utilities
menu resets the
User Account Management
table back to the
factory default account
adtran/adtran/admin
.
RADIUS Authentication
The MX2800 is capable of communicating with a RADIUS server for authentication of menu users and
TL1 users. The RADIUS authentication support is implemented per RFC2865. User account information
in the onboard user database will remain intact when the MX2800 is upgraded to support authentication via
RADIUS.
TL1 users. The RADIUS authentication support is implemented per RFC2865. User account information
in the onboard user database will remain intact when the MX2800 is upgraded to support authentication via
RADIUS.
Several options are available for provisioning RADIUS authentication features, all of which are accessible
only via menus and by users with Admin-level privileges.
only via menus and by users with Admin-level privileges.
RADIUS State
This option sets the RADIUS authentication capabilities as either Enabled or Disabled. The default value is
Disabled
.
When the RADIUS State value is Enabled, the following behavior applies when a user enters a username
and password at the MX2800. The MX2800 first authenticates the username and password against the
local user database. If local authentication succeeds, then access is granted to the MX2800 with the privi-
lege level assigned for that account in the onboard database. Local authentication is considered successful
if both the username and password are authenticated, regardless of the privilege level (including Disabled).
and password at the MX2800. The MX2800 first authenticates the username and password against the
local user database. If local authentication succeeds, then access is granted to the MX2800 with the privi-
lege level assigned for that account in the onboard database. Local authentication is considered successful
if both the username and password are authenticated, regardless of the privilege level (including Disabled).
If local authentication does not succeed, then the username and password are authenticated against the
RADIUS server. If the RADIUS authentication succeeds, then access to the MX2800 is granted with the
RADIUS Privilege Level set by the user. If the RADIUS authentication does not succeed, which includes
the case where the MX2800 does not receive a response from the server, then the user is denied access to
the MX2800.
RADIUS server. If the RADIUS authentication succeeds, then access to the MX2800 is granted with the
RADIUS Privilege Level set by the user. If the RADIUS authentication does not succeed, which includes
the case where the MX2800 does not receive a response from the server, then the user is denied access to
the MX2800.
Regardless of whether the RADIUS State option is Enabled or Disabled at the MX2800, each user account
that exists in the local user database may be assigned one of the defined privilege levels for the MX2800
(Disabled, Guest, Interface, Test, or Admin). Only a user with the Admin privilege level can access the
local database and the RADIUS options.
that exists in the local user database may be assigned one of the defined privilege levels for the MX2800
(Disabled, Guest, Interface, Test, or Admin). Only a user with the Admin privilege level can access the
local database and the RADIUS options.