
Configuring RADIUS
308640-15.1 Rev 00
Configuring the Remote User to Work with the RADIUS Client
In most RADIUS networks, the remote user is a router. To enable the remote
router to work with the RADIUS authentication client, follow these guidelines:
• Enable dial-optimized routing.
The remote router sends routing updates to advertise its LAN to the client. By
enabling dial-optimized routing, you reduce the frequency of routing updates,
preventing the line from remaining active unnecessarily.
• Configure one-way PPP authentication.
The remote router must support one-way PPP authentication, meaning that
only the client sends CHAP challenges or PAP authentication requests to the
remote user. The remote user only recognizes and responds to the CHAP
challenges or PAP authentication requests from the client.
• Configure a default route in the routing table of the remote router.
The client does not advertise its LAN to the remote router. To specify the path
from the remote router to the client, you configure a default route, which is a
static route that enables the remote router to contact the client.
See Appendix C for configuration examples.
Using RADIUS with IP Utilities
To use RADIUS authentication with an IP utility, you must configure the
RADIUS server so that it can recognize vendor-specific RADIUS clients.
• For Nortel Networks servers, copy the bayrs.dct, vendor.ini, and dictiona.dcm
files from the distribution CD to the directory you define at installation time
(usually C:\RADIUS\Services). For more information, see Appendix D,
“Vendor-Specific Attributes” and the BaySecure Access Control
Administration Guide for your platform (UNIX, NetWare, or NT).
Note:
To use RADIUS with IP utilities such as FTP, NTP, HTTP, and Telnet,
your RADIUS server must support VSAs.
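The following is an added example, not taken from this guide or from Nortel software. It shows what a server that supports VSAs has to decode: RADIUS attribute type 26 in the layout RFC 2865 recommends (Vendor-Id, then vendor type, vendor length, value), with length checks that reject malformed attributes. The vendor ID 99999, the sub-attribute values, and the function names are constructed placeholders, not entries from the bayrs.dct dictionary.

```python
import struct

VENDOR_SPECIFIC = 26  # RFC 2865 section 5.26

def parse_attributes(data: bytes):
    """Split the attribute area of a RADIUS packet into (type, value) pairs."""
    attrs, i = [], 0
    while i < len(data):
        if len(data) - i < 2:
            raise ValueError("truncated attribute header")
        a_type, a_len = data[i], data[i + 1]
        # Length covers the type and length octets, so it can never be below 2.
        if a_len < 2 or i + a_len > len(data):
            raise ValueError(f"bad length {a_len} for attribute {a_type}")
        attrs.append((a_type, data[i + 2:i + a_len]))
        i += a_len
    return attrs

def parse_vsa(value: bytes):
    """Decode one Vendor-Specific value into (vendor_id, [(vendor_type, bytes)])."""
    if len(value) < 4:
        raise ValueError("VSA shorter than Vendor-Id")
    (vendor_id,) = struct.unpack("!I", value[:4])
    if vendor_id >> 24:
        raise ValueError("high-order octet of Vendor-Id must be 0")
    subs, i, body = [], 0, value[4:]
    while i < len(body):
        if len(body) - i < 2:
            raise ValueError("truncated sub-attribute header")
        v_type, v_len = body[i], body[i + 1]
        if v_len < 2 or i + v_len > len(body):
            raise ValueError(f"bad vendor length {v_len}")
        subs.append((v_type, body[i + 2:i + v_len]))
        i += v_len
    return vendor_id, subs

def vendor_attributes(data: bytes, known_vendors):
    """Return decoded VSAs; vendors missing from the dictionary show as 'unknown'."""
    out = []
    for a_type, value in parse_attributes(data):
        if a_type == VENDOR_SPECIFIC:
            vid, subs = parse_vsa(value)
            out.append((known_vendors.get(vid, "unknown"), vid, subs))
    return out

# Constructed sample: User-Name "ftpuser" plus one VSA (placeholder vendor 99999,
# sub-attribute type 1 carrying the 32-bit value 2).
SAMPLE = (bytes([1, 9]) + b"ftpuser" + bytes([26, 12])
          + struct.pack("!I", 99999) + bytes([1, 6]) + struct.pack("!I", 2))
```

A server without a dictionary entry for the vendor still parses the attribute but cannot interpret it, which is the "unknown" case here.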