RADIUS Parameters
The RADIUS parameters are described in the table below.
RADIUS Parameters
Parameter |
Description |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
General RADIUS Parameters | |||||||||||||
'Enable RADIUS Access Control' configure system > radius settings > enable [EnableRADIUS] |
Enables the RADIUS application.
Note: For the parameter to take effect, a device restart is required. |
||||||||||||
'RADIUS VSA Vendor ID' configure system > radius settings > vsa-vendor-id [RadiusVSAVendorID] |
Defines the vendor ID that the device accepts when parsing a RADIUS response packet. The valid range is 0 to 0xFFFFFFFF. The default is 5003. |
||||||||||||
[MaxRADIUSSessions] |
Defines the number of concurrent calls that can communicate with the RADIUS server (optional). The valid range is 0 to 240. The default is 240. |
||||||||||||
'RADIUS Packets Retransmission' [RADIUSRetransmission] |
Defines the number of RADIUS retransmission retries when no response is received from the RADIUS server. See also the [RadiusTo] parameter. The valid range is 1 to 10. The default is 1. |
||||||||||||
'RADIUS Response Time Out' [RadiusTo] |
Defines the time interval (in seconds) that the device waits for a response before it performs a RADIUS retransmission. See also the [RADIUSRetransmission] parameter. The valid range is 1 to 30. The default is 2. |
||||||||||||
configure system > radius settings > rad-pap-req-msg-auth-tx [RadiusPapRequireMsgAuthTx] |
Enables the device (for PAP protocol used for user login) to always include RADIUS attribute 80 (Message-Authenticator) in outgoing RADIUS request messages (Access-Request packets) sent to the RADIUS server.
For more information, see Securing RADIUS Messages with Message-Authenticator Attribute. |
||||||||||||
configure system > radius settings > rad-req-msg-auth-rx [RadiusRequireMsgAuthRx] |
Enables the requirement of RADIUS attribute 80 (Message-Authenticator) in incoming RADIUS messages from the RADIUS server.
For more information, see Securing RADIUS Messages with Message-Authenticator Attribute. |
||||||||||||
RADIUS Accounting Parameters |
|||||||||||||
'RADIUS Accounting Type' configure voip > sip-definition settings > radius-accounting [RADIUSAccountingType] |
Defines at what stage of the call RADIUS accounting messages are sent to the RADIUS accounting server.
|
||||||||||||
'AAA Indications' configure system > cdr > aaa-indications [AAAIndications] |
Enables the Authentication, Authorization and Accounting (AAA) indications.
|
||||||||||||
RADIUS User Authentication Parameters |
|||||||||||||
'Use RADIUS for Web/Telnet Login' configure system > radius settings > enable-mgmt-login [WebRADIUSLogin] |
Enables RADIUS queries for Web and Telnet login authentication. When enabled, logging into the device's Web and Telnet embedded servers is done through a RADIUS server. The device communicates with a user-defined RADIUS server and verifies the given username and password against a remote database in a secure manner.
Note:
|
||||||||||||
'Password Local Cache Mode' configure system > radius settings > local-cache-mode [RadiusLocalCacheMode] |
Defines the device's mode of operation regarding the timer, configured by the [RadiusLocalCacheTimeout] parameter, which determines the validity of the username and password (verified by the RADIUS server).
|
||||||||||||
'Password Local Cache Timeout' configure system > radius settings > local-cache-timeout [RadiusLocalCacheTimeout] |
Defines the duration (in seconds) that the locally stored username and password (verified by the RADIUS server) are valid. When this timeout expires, the username and password become invalid and must be re-verified with the RADIUS server. The valid range is 1 to 0xFFFFFF. The default is 900 (15 minutes).
|
||||||||||||
'RADIUS VSA Access Level Attribute' configure system > radius settings > vsa-access-level [RadiusVSAAccessAttribute] |
Defines the code that indicates the access level attribute in the Vendor Specific Attributes (VSA) section of the received RADIUS packet. The valid range is 0 to 255. The default is 35. |