in location

OR

I'm looking for

  • Wholesalers
    • Uncheck All Check All
  • EXPERTISE
    • Expand
    • Expand
    • Expand
    • Uncheck All Check All
  • Switchboard Manufacturers
    • Uncheck All Check All
OR

The best way to see what Clipsal electric products can do for your home is seeing them in action at a Clipsal Powerhouse Display Centre.

Product stock may vary according to location. If you're after a specific product range, please check with your chosen location before visiting.

10 Results
    Load More Load Complete
    Change Location

    How do I configure my RADIUS server to authenticate my APC Network Enabled device?

    Issue

    RADIUS set up with APC Network Management Card enabled products.


    Product Line

    • Network Management Card 1 (NMC1) - AP9617, AP9618, AP9619
    Devices with an embedded Network Management Card 1 include (but are not limited to): Metered/Switched Rack PDUs (AP78XX, AP79XX), Rack Automatic Transfer Switches (AP77XX, Environmental Monitoring Units (AP9320, AP9340, Netbotz 200)
    • Network Management Card 2 (NMC2) - AP9630/AP9630CH, AP9631/AP9631CH, AP9635/AP9635CH
    Devices with an embedded Network Management Card 2 include (but are not limited to): 2G Metered/Switched Rack PDUs (AP86XX, AP88XX, AP89XX), Certain Audio/Video Network Management Enabled products.


    Environment
     
    • All serial numbers
    • Firmware versions v2.X.X and higher

    Cause

    Configuration can vary based on the RADIUS server being used. Below is a successful configuration taken from a FreeRADIUS server. Though this configuration worked through testing, APC by Schneider Electric cannot guarantee that this configuration will work on your RADIUS server. Configuring of your RADIUS server should be provided by your RADIUS server administrator.

    Note: Further information on using the specific variety of FreeRADIUS (v2.1.10) included in Zentyal Linux 3.3 is also available in knowledge base article ID FA232648.


    Resolution

    The three files that need to be edited in order for FreeRADIUS to authenticate properly are:

    1) clients.conf
    2) dictionary
    3) users file

    Below are examples of entries that should be entered into each file.

    1) clients.conf

    client xxx.xxx.xxx.xxx (you would enter the IP address or IP address range of devices authenticating through RADIUS)
    secret = radius
    shortname = apc

    2) dictionary

    VENDOR APC 318

    BEGIN-VENDOR APC

    ATTRIBUTE APC-Service-Type 1 integer APC

    VALUE APC-Service-Type Admin 1
    VALUE APC-Service-Type Device 2
    VALUE APC-Service-Type ReadOnly 3

    3) users

    # APC local radius authentication (working)
    apcradius (username) Auth-Type := Local, User-Password == "apcradius"
    APC-Service-Type = 1


    Once these entries are made, you should be able to access your APC product via RADIUS authentication.

    In some cases, you do need to specify Vendor Specific Attributes. For example, APC part number AP7900 (Switched Rack PDU) uses the same login accounts as listed in the previous example. However, the AP7900 also allows specific outlets to have their own separate accounts/logins. Therefore, you must create additional entries in the event that a user has a login for specific outlets.

    1) clients.conf

    client xxx.xxx.xxx.xxx {IP address or IP address range of devices using RADIUS authentication}
    secret = radius
    shortname = ap7900

    2) dictionary

    VENDOR APC 318

    BEGIN-VENDOR APC

    ATTRIBUTE APC-Service-Type 1 integer APC
    ATTRIBUTE APC-Outlets 2 string APC

    VALUE APC-Service-Type Admin 1
    VALUE APC-Service-Type Device 2
    VALUE APC-Service-Type ReadOnly 3
    VALUE APC-Service-Type Outlet 4

    3) users

    VSAAdmin Auth-Type = Local, Password = "admin"
         APC-Service-Type = Admin

    VSADevice Auth-Type = Local, Password = "device"
         APC-Service-Type = Device

    VSAReadOnly Auth-Type = Local, Password = "readonly"
         APC-Service-Type = ReadOnly

    userA Auth-Type = Local, Password = "apc"
         APC-Service-Type = Outlet, APC-Outlets = "1,3,5"

    userB Auth-Type = Local, Password = "apc"
         APC-Service-Type = Outlet, APC-Outlets = "1,2,3,4,5,6,7,8"

    UserA will now have access to outlets 1,3,5 and userB will have access to outlets 1,2,3,4,5,6,7,8.



    RADIUS and Network Port Sharing with Switched Rack PDU 2G (AP86XX, AP89XX)


    Note: See the Security Handbook for APC Network Management Cards for more information on using RADIUS.

    For RADIUS users file with VSAs, outlets on guest Rack PDUs can be associated to RADIUS users by using the following method.

    # give user access to outlets 1, 2, and 3 on PDU 1,
    # outlet 7 on PDU 2, outlets 1 through 6
    # on PDU 3, and outlets 1,2,4 through 6, 7 through 10,
    # and 20 on PDU 4

    newOutletUser Auth-Type = Local, User-Password = "newoutlets"
    APC-Service-Type = Outlet,
    APC-Outlets = "1[1,2,3];2[7];3[1-6];4[1,2,4-6,7-10,20];"


    If you have trouble configuring your RADIUS server, it is advised that you contact your RADIUS server vendor for assistance.

     

    Didn’t find what you were looking for?

    Try Searching Again View Our Categories

    Need further assistance?

    Our Customer Care department provides total customer service solutions for our residential, industrial and commercial applications.

    Get Assistance