HP VSR1000 Security Configuration Manual page 34
Virtual services router
Hide thumbs
Also See for VSR1000:
- Configuration manual (463 pages) ,
- High availability configuration manual (91 pages) ,
- Layer 2 - wan access command reference (50 pages)
Table of Contents
Advertisement
If the device does not receive any response from the server within the interval, it sets the server to the
•
blocked state.
The device refreshes the RADIUS server status at each detection interval according to the detection result.
The device stops detecting the status of the RADIUS server when one of the following operations is
performed:
The RADIUS server is removed from the RADIUS scheme.
•
The test profile configuration is removed for the RADIUS server in RADIUS scheme view.
•
The test profile is deleted.
•
The RADIUS server is manually set to the blocked state.
•
The RADIUS scheme is deleted.
•
To configure a test profile for RADIUS server status detection:
Step
1.
Enter system view.
2.
Configure a test profile for
detecting the status of
RADIUS authentication
servers.
Creating a RADIUS scheme
Create a RADIUS scheme before performing any other RADIUS configurations. You can configure up to
16 RADIUS schemes. A RADIUS scheme can be referenced by multiple ISP domains.
To create a RADIUS scheme:
Step
1.
Enter system view.
Create a RADIUS scheme and
2.
enter RADIUS scheme view.
Specifying the RADIUS authentication servers
A RADIUS authentication server completes authentication and authorization together, because
authorization information is piggybacked in authentication responses sent to RADIUS clients.
You can specify one primary authentication server and up to 16 secondary authentication servers for a
RADIUS scheme. When the primary server is not available, the device searches for the secondary servers
in the order they are configured. The first secondary server in active state is used for communication.
If redundancy is not required, specify only the primary server. A RADIUS authentication server can
function as the primary authentication server for one scheme and a secondary authentication server for
another scheme at the same time.
To specify RADIUS authentication servers for a RADIUS scheme:
Command
system-view
radius-server test-profile
profile-name username name
[ interval interval ]
Command
system-view
radius scheme
radius-scheme-name
24
Remarks
N/A
By default, no test profile is created
on the device to detect the status of
RADIUS servers.
You can configure multiple test
profiles by executing this command
multiple times.
Remarks
N/A
By default, no RADIUS scheme is
defined.
- Quick Links:
- Configuring the Device as an Ssh...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
