6-8
RADIUS Authentication, Authorization, and Accounting
Configuring the Switch for RADIUS Authentication
Outline of the Steps for Configuring RADIUS
Authentication
There are three main steps to configuring RADIUS authentication:
1.
Configure RADIUS authentication for controlling access through one or
more of the following
•
Serial port
•
Telnet
•
SSH
•
Port-Access (802.1X)
•
WebAgent
2.
Enable RADIUS authentication on the switch to override the default
authentication operation of automatically assigning an authenticated cli-
ent to the Operator privilege level. This optional feature applies the
privilege level specified by the Service Type value received from the
RADIUS server. (Refer to “1. Configure Authentication for the Access
Methods You Want RADIUS To Protect” on page 6-9.)
3.
Configure the switch for accessing one or more RADIUS servers (one
primary server and up to two backup servers):
N o t e
This step assumes you have already configured the RADIUS server(s) to
support the switch. Refer to the documentation provided with the
RADIUS server documentation.)
•
Server IP address
•
(Optional) UDP destination port for authentication requests (default:
1812; recommended)
•
(Optional) UDP destination port for accounting requests (default:
1813; recommended)
•
(Optional) encryption key for use during authentication sessions with
a RADIUS server. This key overrides the global encryption key you
can also configure on the switch, and must match the encryption key
used on the specified RADIUS server. (Default: null)
4.
Configure the global RADIUS parameters.
•
Server Key:
This key must match the encryption key used on the
RADIUS servers the switch contacts for authentication and account-
ing services unless you configure one or more per-server keys.
(Default: null.)
Summary of Contents for E3800 Series
Page 2: ......
Page 3: ...HP Networking E3800 Switches Access Security Guide September 2011 KA 15 03 ...
Page 30: ...xxviii ...
Page 86: ...2 36 Configuring Username and Password Security Password Recovery ...
Page 186: ...4 72 Web and MAC Authentication Client Status ...
Page 364: ...8 32 Configuring Secure Shell SSH Messages Related to SSH Operation ...
Page 510: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Page 548: ...11 38 Configuring Advanced Threat Protection Using the Instrumentation Monitor ...
Page 572: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Page 730: ...20 Index ...
Page 731: ......