102 BigIron RX Series Configuration Guide53-1002253-01Configuring RADIUS security4• You can select only one primary authentication method for each type of access to a device (CLIthrough Telnet, CLI Privileged EXEC and CONFIG levels). For example, you can select RADIUSas the primary authentication method for Telnet CLI access, but you cannot also selectTACACS+ authentication as the primary method for the same type of access. However, you canconfigure backup authentication methods for each access type.RADIUS configuration procedureUse the following procedure to configure a BigIron RX for RADIUS.1. Configure Brocade vendor-specific attributes on the RADIUS server. Refer to “ConfiguringBrocade-specific attributes on the RADIUS server” on page 102.2. Identify the RADIUS server to the BigIron RX. Refer to “Identifying the RADIUS server to theBigIron RX” on page 104.3. Set RADIUS parameters. Refer to “Setting RADIUS parameters” on page 104.4. Configure authentication-method lists. Refer to “Configuring authentication-method lists forRADIUS” on page 105.5. Optionally configure RADIUS authorization. Refer to “Configuring RADIUS authorization” onpage 107.6. Optionally configure RADIUS accounting. “Configuring RADIUS accounting” on page 109.Configuring Brocade-specific attributes on theRADIUS serverNOTEFor the BigIron RX, RADIUS Challenge is supported for 802.1x authentication but not for loginauthentication.During the RADIUS authentication process, if a user supplies a valid username and password, theRADIUS server sends an Access-Accept packet to the device, authenticating the user. Within theAccess-Accept packet are three Brocade vendor-specific attributes that indicate:• The privilege level of the user• A list of commands• Whether the user is allowed or denied usage of the commands in the listYou must add these three Brocade vendor-specific attributes to your RADIUS server’s configuration,and configure the attributes in the individual or group profiles of the users that will access theBigIron RX.Brocade’s Vendor-ID is 1991, with Vendor-Type 1. The following table describes the Brocadevendor-specific attributes.