Sie zeigen eine alte Version dieser Seite an. Zeigen Sie die aktuelle Version an.

Unterschiede anzeigen Seitenhistorie anzeigen

« Vorherige Version anzeigen Version 5 Nächste Version anzeigen »


Description:
This document describes the settings to make on LANCOM GS-23xx series switches and LANCOM routers in order to implement MAC-based authentication at the internal RADIUS server of a LANCOM device.


Requirements:


Procedure:
1) Setting up the RADIUS server on the LANCOM router:

1.1) Open the configuration of the router in LANconfig, go to the menu RADIUS → Server and set the checkmark next to RADIUS-Authentisierung aktiv.

1.2)
  • Then click the button IPv4 clients to specify the switch as a new client.
    • IP address: IP address of the switch
    • Netmask: 255.255.255.255
    • Protocols: RADIUS
    • Client secret: The same secret as the one entered into the switch
2.3) Add one or more entries to the User table
  • In the RADIUS server user table, add one or more new entries with the following settings:
    • Name / MAC address MAC address of the client in the format xx-xx-xx-xx-xx-xx
    • Case-sensitive user name check: Set the checkmark
    • Password: The MAC address of the client
    • Service type: Framed
    • Expiry type: Never
Write the configuration back to the LANCOM router. This concludes the configuration.


2) Setting up the RADIUS authenticator on the switch:

2.1) Open the webinterface of the device, go to the menu Security → AAA → Configuration, modify the following parameters in the RADIUS Authentication Server Configuration and click Apply:

  • Set the checkbox for Enabled.
  • IP Address/Hostname: Enter the IP address of the router where the RADIUS server was configured in step 1).
  • Port: Make sure, that the port 1812 is used.
  • Secret: Enter the Client-Secret entered in step 1.5). The switch uses this password for authenticating itself with the RADIUS server.
2.2) Go to the menu Security → NAS → Configuration → System Configuration, modify the following parameters and click Apply:
  • Mode: In the dropdown menu select the option Enabled.
  • Port Configuration: For the Admin State select the option MAC-based Auth..
2.3 Go to the menu Maintenance → Save/Restore → Save Start and click Save to save the configuration as the Start configuration.


The start configuration is retained even if the device is restarted or there is a power failure.

2.4) This concludes the configuration of the switch.



All LANCOM products and software versions are subject to LANCOM Software Lifecycle Management.
You can find information on our website at https://www.lancom-systems.com/products/firmware/software-lifecycle-management

© 2025 LANCOM Systems GmbH