Chapter 3: Operations 33
You must specify the server’s IP address, the UDP port to be used and a
“secret” to be used. You must also specify a user-rights attribute value that
matches a value in the RADIUS server’s dictionary.
You may also use this command to delete a RADIUS server defi nition.
SERVER RADIUS PRIMARY|SECONDARY DELETE
For more information, see Server RADIUS command in Chapter 5.
2. Issue a Server Security command, using the Authentication parameter to
specify the authentication mode. Use the Encrypt parameter to enable plain
text Telnet connections, SSH connections or both.
SERVER SECURITY AUTHENTICATION=<auth_mode>
ENCRYPT=<conns>
3. You are prompted to save the information. Enter Y to confi rm or N to cancel.
To display authentication confi guration information:
1. Issue a Show Server Security command.
SHOW SERVER SECURITY
The display includes the current CCM authentication settings that were
confi gured with the Server Security command. If SSH access has been
enabled, the display indicates SSH2. Regardless of whether SSH is enabled,
the display includes the authentication method specifi ed with the Server
SSH command.
2. To display CCM RADIUS settings that were confi gured with the Server
RADIUS command, issue a Show Server RADIUS command.
SHOW SERVER RADIUS
For more information, see Server Security command, Show Server Security
command and Show Server RADIUS command in Chapter 5, plus Connecting
to devices using SSH and Enabling plain text Telnet and SSH connections in
this chapter.
Using Security Lock-out
When the Security Lock-out feature is enabled, a user will be locked-out after
five consecutive authentication failures. A successful authentication will
reset the counter to zero. You may configure a lock-out period of from 1-99
hours. Specifying a lock-out period of Ø disables the feature; that is, users
will not be locked-out.
