04-07-2011 04:30 PM
I have a SSG-520M setup to use RADIUS for admin auth.
Remote Server Settings is configured for the remote Auth server to have priority, and fallback to permit root and non-root.
Accept remotely authenticated ROOT privileged admins is not checked.
We just realized that whoever setup the firewall initially, left the default root account alone. It's still netscreen/netscreen.
Question is how can I change the default root account name and password, if I can't login with that account while RADIUS is functional?
I'd prefer a non-impacting approach to this, if possible.
04-07-2011 10:14 PM
Have you tried console? Another way might be one I have used with switches: Close the firewall rule which accepts the switch to query RADIUS-server and then it will fallback for local and you can login with local account. This of course only works if you have local userbase as fallback.