SmartSwitch 2000 2nd Generation
SmartSwitch 6000 2nd Generation
SmartSwitch 6000 3rd Generation
Shown below are possible event sequences that would apply to a Serial or Telnet management login attempt, when Radius is configured on the device to be managed:
- If the Radius server can be contacted:[list=1]
- The user is prompted for the Username and Password.
- The information is sent to the Radius server.
- If authentication is received from the server, the login is completed using the granted authorization level.
- If authentication is not received from the server, these steps 1-4 are repeated for a total of up to ten times (not configurable). After ten failures, the login is rejected.
- Challenge - control is passed to the standard non-Radius login routine. This is generally the default.
- Reject - the login is rejected.
- Accept - authentication is given, granting Admin authorization. Note that this is typically only used to debug a Radius configuration.
If the user passes authentication, they get the role assigned by the Radius server.
If the user fails authentication, the result depends upon the "802.1x Strict" vs "802.1x non-Strict" settings (5532).