Chapter 30 AAA Server
NXC5200 User’s Guide
427
Authentication Capability List
This list displays the NXC’s authentication capabilities:
AAA Servers Supported by the NXC
The following lists the types of authentication server the NXC supports.
• Local user database
The NXC uses the built-in local user database to authenticate administrative
users logging into the NXC’s Web Configurator or network access users logging
into the network through the NXC.
• Directory Service (LDAP/AD)
LDAP (Lightweight Directory Access Protocol)/AD (Active Directory) is a
directory service that is both a directory and a protocol for controlling access to
a network. The directory consists of a database specialized for fast information
retrieval and filtering activities. You create and store user profile and login
information on the external server.
• RADIUS
RADIUS (Remote Authentication Dial-In User Service) authentication is a
popular protocol used to authenticate users by means of an external or built-in
RADIUS server. RADIUS authentication allows you to validate a large number of
users from a central location.
Note: Because the NXC has an internal authentication database, you can create local
login accounts on it without needing to rely on an external authentication server.
The built-in authentication server supports PEAP/EAP-TLS/EAP-TTLS.
Table 161
Authentication Capability List
INTERNAL AUTHENTCATION METHOD
EXTERNAL
RADIUS
AD
LDAP
RADIUS
EAP-TLS
O
O
O
O
EAP-TTLS
( Mschapv2/Mschap)
O
A
A. Must set domain authentication.
O
O
O
EAP-TTLS
(eap)
X
X
X
O
EAP-TTLS
(pap)
O
O
O
O
EAP-PEAP
(Mschapv2)
O
A
O
O
O
EAP-PEAP
(TLS)
X
X
X
O
EAP-MD5
X
X
X
O