Netopia 4752 用户手册
Security 13-31
■
You select your desired mode by using the Security Databases pop-up menu.
■
Choosing Local Only, the default, selects the pre-4.8 authentication mechanism.
■
Choosing RADIUS Only causes the router to ignore the local database and to authenticate users using
the configured RADIUS ser ver.
the configured RADIUS ser ver.
■
Choosing RADIUS then Local causes the router to attempt to authenticate a user first using a RADIUS
ser ver and then, if that fails, using the local authentication database.
ser ver and then, if that fails, using the local authentication database.
■
Choosing Local then RADIUS causes the router to attempt to authenticate a user first using the local
authentication database, and then, if that fails using the configured RADIUS ser ver.
authentication database, and then, if that fails using the configured RADIUS ser ver.
Note: In the latter two modes that involve both RADIUS and the local database, if the local database includes
no username/password pairs, authentication will succeed only if the RADIUS ser ver authenticates the user.
This differs from the Local Only mode where no authentication is per formed when the local database is empty.
no username/password pairs, authentication will succeed only if the RADIUS ser ver authenticates the user.
This differs from the Local Only mode where no authentication is per formed when the local database is empty.
If the primar y RADIUS ser ver responds with an access rejection or an access challenge, the alternate RADIUS
ser ver is not contacted. Only if the primar y RADIUS ser ver fails to respond at all is the alternate RADIUS ser ver
contacted.
ser ver is not contacted. Only if the primar y RADIUS ser ver fails to respond at all is the alternate RADIUS ser ver
contacted.
Therefore, do not attempt to select any of the RADIUS options unless you have a RADIUS ser ver correctly
configured for this purpose. If you attempt to use RADIUS authentication without a RADIUS ser ver, you will lose
your configuration access to the router.
configured for this purpose. If you attempt to use RADIUS authentication without a RADIUS ser ver, you will lose
your configuration access to the router.
The Advanced Security Options screen suppor ts both a primar y RADIUS ser ver and an alternate RADIUS
ser ver. When the router is configured to authenticate using RADIUS, it will first attempt to contact the
primar y RADIUS ser ver; if the primar y RADIUS ser ver responds, RADIUS authentication succeeds or fails
based on the response returned by the primar y ser ver. If and only if the primar y ser ver fails to respond, the
router will attempt to contact the alternate RADIUS ser ver to authenticate the user. The router makes two
attempts per ser ver, three seconds apar t.
ser ver. When the router is configured to authenticate using RADIUS, it will first attempt to contact the
primar y RADIUS ser ver; if the primar y RADIUS ser ver responds, RADIUS authentication succeeds or fails
based on the response returned by the primar y ser ver. If and only if the primar y ser ver fails to respond, the
router will attempt to contact the alternate RADIUS ser ver to authenticate the user. The router makes two
attempts per ser ver, three seconds apar t.
■
You can specify the RADIUS Server Addr/Name and the Alt RADIUS Server Addr/Name either by using a
Advanced Security Options
+-------------------+
+-------------------+
Security Databases... | Local only |
| RADIUS only |
RADIUS Server Addr/Name: | RADIUS then Local |
RADIUS Server Secret: | Local then RADIUS |
Alt RADIUS Server Addr/Name: +-------------------+
Alt RADIUS Server Secret:
RADIUS Identifer:
RADIUS Server Authentication Port: 1812
+-------------------+
+-------------------+
Security Databases... | Local only |
| RADIUS only |
RADIUS Server Addr/Name: | RADIUS then Local |
RADIUS Server Secret: | Local then RADIUS |
Alt RADIUS Server Addr/Name: +-------------------+
Alt RADIUS Server Secret:
RADIUS Identifer:
RADIUS Server Authentication Port: 1812