Avaya Configuring RADIUS Bedienungsanleitung PDF herunterladen (Seite 22)

Configuring RADIUS

1-8

117385-B Rev 00

Using RADIUS with Demand Circuit Groups (Site Manager only)

When configuring a RADIUS client using Site Manager, Site Manager

automatically configures a demand circuit group. However, you will need to

configure a protocol for the demand circuit group. See “Select a Protocol for

RADIUS Authentication” on page 2-7.

To identify the remote user to the RADIUS server, the remote user uses the PPP

CHAP or PAP. The client includes the remote user’s CHAP name and secret or

PAP ID and password in the access challenge to the server. You cannot use VSAs

with demand circuit groups.

Configuring the Remote User to Work with the RADIUS Client

In most RADIUS networks, the remote user is a router. To enable the remote

router to work with the RADIUS authentication client, follow these guidelines:

• Enable dial-optimized routing.

The remote router sends routing updates to advertise its LAN to the client. By

enabling dial-optimized routing, you reduce the frequency of routing updates,

preventing the line from remaining active unnecessarily.

• Configure one-way PPP authentication.

The remote router must support one-way PPP authentication, meaning that

only the client sends CHAP challenges or PAP authentication requests to the

remote user. The remote user only recognizes and responds to the CHAP

challenges or PAP authentication requests from the client.

• Configure a default route in the routing table of the remote router.

The client does not advertise its LAN to the remote router. To specify the path

from the remote router to the client, you configure a default route, which is a

static route that enables the remote router to contact the client.

Refer to Appendix C for configuration examples.

1 2 ... 17 18 19 20 21 22 23 24 25 26 27 ... 98 99

Keine Kommentare

Avaya Configuring RADIUS Bedienungsanleitung Seite 22