6-58
RADIUS Authentication, Authorization, and Accounting
Accounting Services
•
Provide the following:
–
A RADIUS server IP address.
–
Optional—a UDP destination port for authentication requests.
Otherwise the switch assigns the default UDP port (1812; recom-
mended).
–
Optional—if you are also configuring the switch for RADIUS
authentication, and need a unique encryption key for use during
authentication sessions with the RADIUS server you are desig-
nating, configure a server-specific key. This key overrides the
global encryption key you can also configure on the switch, and
must match the encryption key used on the specified RADIUS
server. For more information, refer to the
key <
key-string
>
param-
eter on page 6-15. (Default: null)
2.
(Optional) Reconfigure the desired Acct-Session-ID operation.
•
Unique (the default setting):
Establishes a different Acct-Session-
ID value for each service type, and incrementing of this ID per CLI
command for the Command service type. (Refer to “Unique Acct-
Session-ID Operation” on page 6-54.)
•
Common:
Establishes the same Acct-Session-ID value for all service
types, including successive CLI commands in the same management
session.
3.
Configure accounting types and the controls for sending reports to the
RADIUS server.
•
Accounting types:
–
exec (page 6-52)
–
network (page 6-52)
–
system (page 6-52)
–
commands (page 6-53)
•
Trigger for sending accounting reports to a RADIUS server:
At
session start and stop or only at session stop
4.
(Optional) Configure session blocking and interim updating options
•
Updating:
Periodically update the accounting data for sessions-in-
progress.
•
Suppress accounting:
Block the accounting session for any
unknown user with no username access to the switch.
1. Configure the Switch To Access a RADIUS Server
Before you configure the actual accounting parameters, you should first
configure the switch to use a RADIUS server. This is the same as the process
described on page 6-15. You need to repeat this step here only if you have not
Содержание HP ProCurve Series 6600
Страница 2: ......
Страница 6: ...iv ...
Страница 26: ...xxiv ...
Страница 102: ...2 48 Configuring Username and Password Security Password Recovery ...
Страница 204: ...4 72 Web and MAC Authentication Client Status ...
Страница 550: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Страница 612: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Страница 734: ...14 44 Configuring and Monitoring Port Security Operating Notes for Port Security ...
Страница 756: ...16 8 Key Management System Configuring Key Chain Management ...
Страница 776: ...20 Index web server proxy 14 42 webagent access 6 6 wildcard See ACL wildcard See ACL ...
Страница 777: ......