Configuring Non-local RADIUS Users

In order to allow login with non-local user to the 61000/41000 Security System, you need to define a default role for all non-local users that are configured in the Radius server.

The default role can include a combination of administrative (read/write) access to some features, monitoring (read-only) access to other features, and no access to other features.

Syntax: to define default role for non-local users

add rba role radius-group-any domain-type System readonly-features <List>

readwrite-features <List>

readonly-features <List> - Comma separated list of Gaia features that have read only permissions in the specified role.
readwrite-features <List> - Comma separated list of Gaia features that have read/write permissions in the specified role.

Example:

add rba role radius-group-any domain-type System readonly-features arp

Verification:

Authenticate to the 61000/41000 Security System with a non-local user:

MyLaptop > ssh my_radius_user@my_61k_server

Upon successful authentication, the user 'my_radius_user' will be assigned the role 'radius-group-any' granted all the privileges defined in the radius-group-any role

Top of Page

Download Complete PDF

Send Feedback