Aaa For 802.1X Users By A Radius Server - HP FlexNetwork 10500 Series Security Configuration Manual

Verifying the configuration
# Initiate an SSH connection to the switch, and enter the username aaa@bbb and password
ldap!123456. The user logs in to the switch. (Details not shown.)
# Verify that the user can use the commands permitted by the network-operator user role. (Details
not shown.)

AAA for 802.1X users by a RADIUS server

Network requirements
As shown in
•
Use the RADIUS server for authentication, authorization, and accounting of 802.1X users.
•
Use MAC-based access control on GigabitEthernet 1/0/1 to authenticate all 802.1X users on
the port separately.
•
Include domain names in the usernames sent to the RADIUS server.
On the RADIUS server, perform the following tasks:
•
Add a service that assigns authenticated users to VLAN 4.
•
Configure a user with the name dot1x@bbb and assign the service to the user.
Set the shared keys for secure RADIUS communication to expert. Set the ports for authentication
and accounting to 1812 and 1813, respectively.
Figure 21 Network diagram
Configuration procedure
1. Configure interfaces and VLANs, so the host promptly obtains a new IP address to access
resources in the authorized VLAN after passing authentication. (Details not shown.)
2. If you are using IMC PLAT 5.0, configure the RADIUS server as follows:
NOTE:
In this section, the authentication and accounting RADIUS servers are IMC UAM 5.0 (E0101). It
is running on IMC PLAT 5.0 (E0101).
# Add the switch to the IMC Platform as an access device.
Log in to IMC, click the Service tab, and select User Access Manager > Access Device
Management > Access Device from the navigation tree. Then, click Add to configure an
access device as follows:
a. Set the shared key for secure authentication and accounting communication to expert.
b. Set the ports for authentication and accounting to 1812 and 1813, respectively.
c. Select LAN Access Service as the service type.
Figure 21, configure the switch to meet the following requirements:
61