5-18 B30 BUS DIFFERENTIAL SYSTEM – INSTRUCTION MANUALPRODUCT SETUP CHAPTER 5: SETTINGS5Table 5-3: RADIUS server settingsTable 5-4: General security settingsSetting name Description Minimum Maximum Default Units MinimumpermissionPrimary RADIUS IPAddressIP address of the main RADIUS server.Default value indicates no PrimaryRADIUS server is configured, and henceRADIUS is disabled.Restart the relay for any change to takeeffect.0.0.0.0 223.255.255.254 0.0.0.0 - AdministratorPrimaryAuthentication PortRADIUS authentication port 1 65535 1812 - AdministratorPrimary AccountingPortRADIUS accounting port 1 65535 1813 - AdministratorVendor ID An identifier that specifies RADIUSvendor-specific attributes used with theprotocolValue thatrepresentsGeneralElectricAdministratorRADIUSAuthenticationMethodAuthentication method used by RADIUSserver. Can use EAP-TTLS, PEAP-GTC, orPAP. Selecting the PEAP-GTC optiondisables RADIUS authentication.EAP-TTLS PAP EAP-TTLS - AdministratorRADIUSAuthentication(Shared) SecretShared secret used in authentication. Itdisplays as asterisks. This setting mustmeet the CyberSentry passwordrequirements.See thePasswordRequirementssection earlierin this chapterSee the followingpassword sectionfor requirementsN/A - AdministratorTimeout Timeout in seconds between re-transmission requests0 9999 10 sec AdministratorRetries Number of retries before giving up 0 9999 3 - AdministratorConfirm RADIUSAuthentication(Shared) SecretConfirmation of the shared secret. Theentry displays as asterisks.See thePasswordRequirementssection245 characters N/A - AdministratorSetting name Description Minimum Maximum Default Units MinimumpermissionSession Lockout Number of failed authentications before thedevice blocks subsequent authenticationattempts for the lockout period0 (lockoutdisabled)99 3 - AdministratorSession LockoutPeriodThe period in minutes that a user is preventedfrom logging in after being locked out0 (no period) 9999 3 min AdministratorSyslog Server IPAddressThe IP address of the target Syslog server towhich all security events are transmitted0.0.0.0 223.255.255.2540.0.0.0 - AdministratorSyslog Server PortNumberThe UDP port number of the target syslogserver to which all security events aretransmitted1 65535 514 - AdministratorDeviceAuthenticationWhen enabled, local Device authenticationwith roles is allowed. When disabled, the URonly authenticates to the AAA server (RADIUS).NOTE: Administrator and Supervisor (if stillenabled) remain active even after Deviceauthentication is disabled. The only permissionfor local Administrator is to re-enable Deviceauthentication when Device authentication isdisabled. To re-enable Device authentication,the Supervisor unlocks the device for settingchanges, and then the Administrator can re-enable Device authentication.Disabled Enabled Enabled - Administrator
