Руководство Пользователя для Cisco Cisco Content Security Management Appliance M1070

If an external user changes the user role for their RADIUS group, the user should log out of the appliance 
and then log back in. The user will have the permissions of their new role. 

The Shared Secret key for access to the RADIUS server must be no more than 48 characters long. 

On the Management Appliance > System Administration > Users page, click Enable. 

Select the Enable External Authentication check box.

Select RADIUS for the authentication type.

Enter the host name for the RADIUS server.

Enter the port number for the RADIUS server. The default port number is 1812.

Enter the Shared Secret key for the RADIUS server.

When enabling external authentication for a cluster of Email Security appliances, enter the same 
Shared Secret key on all appliances in the cluster.

Enter the number of seconds that the appliance waits for a response from the server before timing out.

Select whether to use Password Authentication Protocol (PAP) or Challenge Handshake Authentication 
Protocol (CHAP) for the authentication protocol.

(Optional) Click Add Row to add another RADIUS server. Repeat steps 

 for each RADIUS server 

that your appliance uses for authentication.

When you define multiple external servers, the appliance connects to the servers in the order defined on 
the appliance. You might want to define multiple external servers to allow for failover in case one server 
is temporarily unavailable. 

Enter the amount of time to store external authentication credentials in the web user interface. 

If the RADIUS server uses one-time passwords, for example passwords created from a token, 
enter zero (0). When the value is set to zero, AsyncOS does not contact the RADIUS server again 
to authenticate during the current session.