Configure RADIUS Authentication
Radius authentication can be used to authenticate a user logging into the appliance via CLI. This provides each user with a unique ID and provides external control for user access.
To configure RADIUS on an appliance:
Access the appliance console using ssh.
Log in to the console using the credentials
nsadmin/nsappliance
. An nsshell opens.Enter
configure
to enter the nsshell configure mode.Configure the RADIUS server using these commands:
set radius-server hostname <RADIUS server hostname> set radius-server port <RADIUS server port> set radius-server shared-secret <RADIUS shared secret> set radius-server timeout <timeout> save
Note
The timeout value can be set to a minimum of 1 second and maximum of 60 seconds.
Add a RADIUS user to the appliance using this command:
auth nsshell-user add username <username>
Note
Usernames can only contain lower case alphabets, numbers, underscores, and $. They should start with an alphabet and can end with a $.
Additional users can be added one at a time using this command. To delete a user, replace
add
withdelete
in the above command.