Alcatel-Lucent 6850-48 Guida Di Rete
Server Overview
Managing Authentication Servers
page 35-6
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
A RADIUS server supporting the challenge and response mechanism as defined in RADIUS RFC 2865
may access an ACE/Server for authentication purposes. The ACE/Server is then used for user authentica-
tion, and the RADIUS server is used for user authorization.
may access an ACE/Server for authentication purposes. The ACE/Server is then used for user authentica-
tion, and the RADIUS server is used for user authorization.
Authenticated VLANs
For authenticated VLANs, authentication servers contain a database of user names and passwords, chal-
lenges/responses, and other authentication criteria such as time-of-day access. The Authenticated VLAN
attribute is required on servers set up in multiple authority mode.
lenges/responses, and other authentication criteria such as time-of-day access. The Authenticated VLAN
attribute is required on servers set up in multiple authority mode.
Servers may be configured using one of two different modes, single authority mode or multiple authority
mode. The mode specifies how the servers are set up for authentication: single authority mode uses a
single list (an authentication server and any backups) to poll with authentication requests. Multiple author-
ity mode uses multiple lists, one list for each authenticated VLAN. For more information about authority
modes and Authenticated VLANs, see
mode. The mode specifies how the servers are set up for authentication: single authority mode uses a
single list (an authentication server and any backups) to poll with authentication requests. Multiple author-
ity mode uses multiple lists, one list for each authenticated VLAN. For more information about authority
modes and Authenticated VLANs, see
The switch polls the server
for login information, and
checks the switch for privi-
lege information
for login information, and
checks the switch for privi-
lege information
.
LDAP or TACAS+
or RADIUS
OmniSwitch
End Station
login request
The switch polls the server
and receives login and privi-
lege information about the
user.
and receives login and privi-
lege information about the
user.
ACE/Server
End Station
login request
OmniSwitch
Servers Used for Authenticated Switch Access
OmniSwitch 6648
OmniSwitch 6648
user
privileges
Ethernet clients
OmniSwitch
Authenticated
VLAN 2
Authenticated
VLAN 1
RADIUS or TACACS+ or
LDAP servers
The switch polls the servers
for login information to
authenticate users through
the switch.
for login information to
authenticate users through
the switch.
Servers Used for Authenticated VLANs