Motorola WS5100 User Manual
4-38 WS5100 Series Switch System Reference Guide
7. Refer to the
Accounting
field and define the following credentials for a primary and secondary Radius
Server.
8. Select the
Re-authentication
checkbox to force periodic re-authentication with the Radius server.
Periodic repetition of the authentication process provides ongoing security for current authorized
connections. Define an interval between 30 and 65535 seconds.
connections. Define an interval between 30 and 65535 seconds.
9. Refer to the
Advanced
field to define the authentication protocol used with the Radius Server.
10.Click
OK
to save the changes made to this screen.
11.Click
Cancel
to revert back to the last saved configuration and move back to the
Network > Wireless LANs > Edit screen.
Configuring an External Radius Server for Optimal Switch Support
The switch’s external Radius Server should be configured with switch specific attributes to best utilize the
user privilege values assignable by the Radius Server. The following two values should be configured on the
external Radius Server for optimal use with the switch:
user privilege values assignable by the Radius Server. The following two values should be configured on the
external Radius Server for optimal use with the switch:
• Motorola user privilege values
• User login source
Accounting Server
Address
Address
Enter the IP address of the primary and secondary server acting as the Radius accounting
server.
server.
Accounting Port
Enter the TCP/IP port number for the primary and secondary server acting as the Radius
accounting data source. The default port is 1813.
accounting data source. The default port is 1813.
Accounting Shared
Secret
Secret
Provide a shared secret (password) for user credential authentication with the primary or
secondary Radius accounting server.
secondary Radius accounting server.
Accounting Timeout
Enter a value (between 1 and 300 seconds) to indicate the number of elapsed seconds
causing the switch to time out on a request to the primary or secondary accounting server.
causing the switch to time out on a request to the primary or secondary accounting server.
Accounting Retries
Enter a value between 1 and 100 to indicate the number of times the switch attempts to
reach the primary or secondary Radius accounting server before giving up.
reach the primary or secondary Radius accounting server before giving up.
Accounting Mode
Use the Accounting Mode drop-down menu to define the accounting mode as either
Start-
Stop
,
Stop Only
or
Start-Interim-Stop
. Define the interval (in seconds) used with the
selected accounting mode.
PAP
PAP - Password Authentication Protocol sends a username and password over a network to
a server that compares the username and password to a table of authorized users. If the
username and password are matched in the table, server access is authorized.
a server that compares the username and password to a table of authorized users. If the
username and password are matched in the table, server access is authorized.
CHAP
CHAP is an encrypted authentication method based on Microsoft's challenge/response
authentication protocol.
authentication protocol.
DSCP/TOS
Optionally mark packets with a DiffServ CodePoint (DSCP) in its header. The DSCP value is
stored in the first 6 bits of the Type of Service (ToS) field that is part of the standard IP header.
The DCSP values are associated with a forwarding treatment called Per Hop Behaviors (PHB).
Service can be provisioned (if necessary) by assigning a DCSP point code from 1 - 6.
stored in the first 6 bits of the Type of Service (ToS) field that is part of the standard IP header.
The DCSP values are associated with a forwarding treatment called Per Hop Behaviors (PHB).
Service can be provisioned (if necessary) by assigning a DCSP point code from 1 - 6.