Nortel Networks 1000BASE-ZX Manual Do Utilizador

Chapter 1 BayStack 420 Switch

Using the BayStack 420 10/100/1000 Switch

The RADIUS-based security feature allows you to set up network access control, 
using the RADIUS (Remote Authentication Dial-In User Services) security 
protocol. The RADIUS-based security feature uses the RADIUS protocol to 
authenticate local console and Telnet logins.

You will need to set up specific user accounts (user names and passwords, and 
Service-Type attributes) on your RADIUS server before the authentication 
process can be initiated. To provide each user with appropriate levels of access to 
the switch, set the following username attributes on your RADIUS server:

•

Read-write access—Set the Service-Type field value to Administrative.

•

Read-only access—Set the Service-Type field value to NAS-Prompt.

For detailed instructions to set up your RADIUS server, refer to your RADIUS 
server documentation.

For instructions to use the console interface (CI) to set up the RADIUS-based 
security feature, see 

The MAC address-based security feature allows you to set up network access 
control, based on source MAC addresses of authorized stations.

You can:

•

Create a list of up to 448 MAC addresses and specify which addresses are 
authorized to connect to your switch or stack configuration. The 448 MAC 
addresses can be configured within a single standalone switch, or they can be 
distributed in any order among the units in a single stack configuration.

•

Specify which of your switch ports each MAC address is allowed to access.

The options for allowed port access include: NONE, ALL, and single or 
multiple ports that are specified in a list, for example, 1/1-4,1/6,2/9 (see 

” on 

).

•

Specify optional actions to be exercised by your switch if the software detects 
a security violation.