Use Agile Controller as Radius Server to authenticate administrators in eSight

Publication Date:  2018-01-31 Views:  31 Downloads:  0
Issue Description

Engineer wants to use Agile Controller as Radius Server and manage all NEs and software’s administrator users in a centralized manner.

Solution

Agile Controller configuration procedure:


1.   Choose Resource > Device > Device Management, and add the switch.

2. [AC-Campus]
Configure authentication and authorization for the device management service.

a.    Choose Policy > Permission Control > Authentication and Authorization > Authorization Result, and configure the authorization result.



b.   Choose Policy > Permission Control > Authentication and Authorization > Authorization Rule, and configure the authorization result.

 



eSight configuration procedure



1.    Configure interconnection parameters on the RADIUS server.

a.    Log in to the RADIUS server as an operating system user in the Administrators group.

b.   Configure a shared key for the RADIUS server and eSight.

   i.        Access RADIUS service installation directory\etc\raddb, open the clients.conf file, and set the IP address, host name, shared key, and connection type for the eSight server in the file.

 

       
ii.     
Access RADIUS service installation directory\etc\raddb, open the naslist file, and add parameters specified in 1.b.i to the file.

c.    Configure role information on the RADIUS server.

Access RADIUS service installation directory\etc\raddb, open the user.conf file, and set users' role information.

The following example shows how to add role information for the user Tod.


Repeat this step to add role information for all users.

d.   Restart the RADIUS service.

         
   i. 
Right-click the FreeRADIUS icon on the toolbar.

       
   ii. 
Choose Start FreeRADIUS.net in DEBUG Mode from the shortcut menu to start the RADIUS service.

2.  Configure interconnection parameters on eSight.

a.  Choose System > System Settings > Set Notification Server.

b. Select Authentication to RADIUS.

c. Set RADIUS authentication parameters in terms of the basic settings, client, custom attribute, and authentication.





 





 



 

END