• September 19, 2020, 10:09:19 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Radius authentication on Avaya 5520  (Read 3029 times)

0 Members and 1 Guest are viewing this topic.

Offline Aryal

  • Rookie
  • **
  • Posts: 2
Radius authentication on Avaya 5520
« on: June 03, 2015, 12:34:30 AM »
Hi,
Is it possible to get Avaya 5520 switches authenticated through a radius server by creating a security group in Active Directory?

Any feedback or comments would be appreciated.

Regards,
Eugene


Offline Dominik

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1564
    • Networkautobahn
Re: Radius authentication on Avaya 5520
« Reply #1 on: June 03, 2015, 02:24:50 AM »
Hi Eugene and welcome to the forum,

yes the ERS5520 supports authetication via RADIUS.

Here are the commands that you need to turn on Radius authetication on your ERS5k:

adius-server host x.x.x.x
radius-server key SECRETKEY
radius-server password fallback

cli password telnet radius
cli password serial radius

For the Rdius AD integration you need only to configure your Radius server.
Here it depends wich Radius server you have, most of them support an AD integration.

Cheers
Itīs always the networks fault!
networkautobahn.com

Offline Aryal

  • Rookie
  • **
  • Posts: 2
Re: Radius authentication on Avaya 5520
« Reply #2 on: June 05, 2015, 12:10:53 AM »
Hi,

I tried the commands and I have configured UDP port 1812 for radius authentication. However while trying to authenticate a telnet session, I get an error, "Access Denied from RADIUS".

I was wondering what specific config I would need to look into while setting up NPS on server 2012r2.

Cheers,
Eugene 
« Last Edit: June 11, 2015, 09:13:00 PM by Aryal »

Offline TankII

  • Hero Member
  • *****
  • Posts: 556
Re: Radius authentication on Avaya 5520
« Reply #3 on: June 23, 2015, 09:57:14 AM »
Return list attributes:
VALUE      Nortel-Service-Type              Administrative       6
VALUE      Nortel-Service-Type              NAS-Prompt       7

We use Identity Engines between AD and the switches, but you need to define these return list attributes in your system for the logins to work.

TankII