Centralized Authentication Based on RADIUS

Availability:

This feature was introduced in M2000 V200R010. 

Summary:

Benefits:

managed in a centralized manner, the OPEX and network security risks are reduced.

With the RADIUS-based centralized user authentication interface, users can remotely authenticate user names and passwords. This interface supports password encryption based on Challenge-Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) of RADIUS. Transmission is not encrypted by default and can be configured as encrypted transmission based on telecom operators requirements. Users can configure this interface in either of the following modes:

however, cannot be used any longer.  As a result, the user information cannot be created, modified, or deleted on the M2000. 

Before using the centralized authentication function, users need to create a user account and authorize the user account on the RADIUS server based on the user group to which the user belongs. When a user logs in to the M2000 through the RADIUS server, the RADIUS authenticates the user account and delivers the authentication result and user role (or user group) information to the M2000. If the user account is successfully authenticated, the M2000 authorizes the user according to the information returned by the RADIUS server .

modified, or deleted on the M2000. 

Before using the centralized authentication function, users need to create a user account and authorize the user account on the RADIUS server based on the user group to which the user belongs. When a user logs in to the M2000 through the RADIUS server, the RADIUS authenticates the user account and delivers the authentication result and user role (or user group) information to the M2000. If the user account is successfully authenticated, the M2000 authorizes the user according to the information returned by the RADIUS server .

None

Dependency:
None