Configure RADIUS authentication
Perform this task for Space Console to offer RADIUS authentication through collaboration between a one-time password generation software product (for example, H3C E-Token) and a RADIUS server. RADIUS authentication is securer than password-based authentication.
From the left navigation pane, select Users > Auth Collaboration > Primary Auth > RADIUS Authentication.
Before configuring RADIUS authentication, you must complete the iMC server configuration.
Click the
icon, configure the following parameters, and then click Save:
Server Address: Enter the IP address of a RADIUS server.
Authentication Protocol: Select an option from PAP, CHAP, EAP-MD5, Microsoft CHAP, and Microsoft CHAP 2. Local users support PAP, CHAP, and EAP-MD5. Domain users and LDAP users support only PAP.
Authentication Port: Specify a port for the authentication service. The default is 1812.
Accounting Port: Specify a port for the accounting service. The default is 1813.
Shared Key: Enter the shared key used to communicate with the RADIUS server. Make sure the shared key is the same as that configured on the RADIUS server.
Connection Timeout: Set the timeout period for connections between Space Console and the RADIUS server. The default is 5 seconds.
Password Authentication Method: Select a password authentication method. Only the combination of the account and password and the one-time password is supported.
RADIUS Authentication State: Configure whether to enable RADIUS authentication. If RADIUS authentication is enabled, a user must submit the username and password and a one-time password to log in to the client. To obtain the one-time password, access a one-time password generator installed on your mobile phone (for example, H3C E-Token).