6-21
RADIUS Authentication, Authorization, and Accounting
Configuring the Switch for RADIUS Authentication
Using Multiple RADIUS Server Groups
The authentication and accounting features on the switch can use up to fifteen
RADIUS servers. This option allows the RADIUS servers to be put into groups.
Up to 5 groups of 3 RADIUS servers each can be configured. The authentica-
tion and accounting features can choose which RADIUS server group to
communicate with. End-user authentication methods (802.1X, MAC-based
and web-based) can authenticate with different RADIUS servers from the
management interface authentication methods (console, telnet, ssh, web).
Commands
Several commands are used to support the RADIUS server group option. The
RADIUS server must be configured before it can be added to a group. See
“Configuring the Switch for RADIUS Authentication” on page 6-6 for more
information about configuring RADIUS servers.
.i
Figure 6-8. Example of RADIUS Server Group Command Output
HP Switch(config)# radius-server host 10.33.18.151 acct-port 1750 key
source0151
HP Switch(config)# write mem
HP Switch(config)# show radius
Status and Counters - General RADIUS Information
Deadtime(min) : 0
Timeout(secs) : 5
Retransmit Attempts : 3
Global Encryption Key :
Dynamic Authorization UDP Port : 3799
Auth Acct DM/ Time
Server IP Addr Port Port CoA Window Encryption Key OOBM
--------------- ---- ---- --- ------ -------------------------------- -----
10.33.18.151 1812 1750 No 10 source0151 No
Because the radius-server command includes an
acct-port
keyword with a non-default UDP port
number of 1750, the switch assigns this value as the
UDP accounting port.
Syntax:
[no] radius-server host <
ip-address
>
Adds a server to the RADIUS configuration or (with
no
) deletes
a server from the configuration. You can configure up to
fifteen RADIUS server addresses. The switch uses the first
server it successfully accesses.
Содержание E3800 Series
Страница 1: ...HP Switch Software E3800 switches Software version KA 15 03 September 2011 Access Security Guide ...
Страница 2: ......
Страница 3: ...HP Networking E3800 Switches Access Security Guide September 2011 KA 15 03 ...
Страница 30: ...xxviii ...
Страница 86: ...2 36 Configuring Username and Password Security Password Recovery ...
Страница 186: ...4 72 Web and MAC Authentication Client Status ...
Страница 290: ...6 74 RADIUS Authentication Authorization and Accounting Dynamic Removal of Authentication Limits ...
Страница 364: ...8 32 Configuring Secure Shell SSH Messages Related to SSH Operation ...
Страница 510: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Страница 548: ...11 38 Configuring Advanced Threat Protection Using the Instrumentation Monitor ...
Страница 572: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Страница 659: ...14 11 Configuring and Monitoring Port Security Port Security Figure 14 5 Examples of Show Mac Address Outputs ...
Страница 730: ...20 Index ...
Страница 731: ......