v
Install a New Self-Signed Certificate for HTTPS . . . . . . . . . . . . . . . . . 3-61
Generate the Self-Certificate and Key . . . . . . . . . . . . . . . . . . . . . . 3-62
Export the Self-signed Certificate to a File . . . . . . . . . . . . . . . . . 3-63
Install the Self-signed Certificate as a Trusted Root
Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-63
Restart the HTTPS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-64
Install the Self-signed Certificate as a Trusted Root
Certificate on Endpoints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-64
4 Configuring the RADIUS Server—Integrated with
ProCurve Identity Driven Manager
Contents
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1
Overview
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
RADIUS Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
Authentication Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Dynamic or User-Based Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
IDM Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5
Data Store Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6
Local Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7
AD (Windows Domain) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7
LDAP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8
Proxy RADIUS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
Configure the NAC 800 as a RADIUS Server
. . . . . . . . . . . . . . . . . . . 4-11
Specify the Quarantine Method (802.1X) . . . . . . . . . . . . . . . . . . . . . . . 4-12
Configure Authentication Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
Configure Authentication to the NAC 800’s Local Database . . . 4-14
Configure Authentication to a Windows Domain . . . . . . . . . . . . 4-16
Configure Authentication to an LDAP Server . . . . . . . . . . . . . . . 4-20
Configure Authentication to a Proxy RADIUS Server . . . . . . . . . 4-30
Test Authentication Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-35
Add NASs as 802.1X Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-40
Apply Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-44
Restart the RADIUS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-44
Содержание 800
Страница 1: ...Configuration Guide www procurve com ProCurve Network Access Controller 800 ...
Страница 2: ......
Страница 3: ...ProCurve Network Access Controller 800 Configuration Guide April 2008 1 0 30398 ...
Страница 74: ...1 62 Overview of the ProCurve NAC 800 Deployment Methods ...
Страница 145: ...3 17 Initial Setup of the ProCurve NAC 800 System Settings Figure 3 9 Home System Configuration Management Server ...
Страница 155: ...3 27 Initial Setup of the ProCurve NAC 800 System Settings ...
Страница 194: ...3 66 Initial Setup of the ProCurve NAC 800 Digital Certificates ...
Страница 328: ...5 64 Configuring the RADIUS Server Without Identity Driven Manager Manage Digital Certificates for RADIUS ...
Страница 336: ...6 8 Disabling Endpoint Integrity Testing Overview ...
Страница 354: ...7 18 Redundancy and Backup for RADIUS Services Back Up Your NAC 800 Configuration ...
Страница 380: ...A 26 Appendix A Glossary ...
Страница 394: ...B 14 Appendix B Linux Commands Service Commands ...
Страница 405: ......
Страница 406: ... Copyright 2007 2008 Hewlett Packard Development Company L P April 2008 Manual Part Number 5991 8618 ...