HP 3600 v2 Series Configuration Manual page 42
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (441 pages) ,
- Security configuration manual (398 pages)
Table of Contents
Advertisement
You can specify a source IP address for outgoing RADIUS packets in RADIUS scheme view for a specific
RADIUS scheme, or in system view for all RADIUS schemes whose servers are in the same VPN. Before
sending a RADIUS packet, a NAS selects a source IP address in the following order:
•
Source IP address specified for the RADIUS scheme.
Source IP address specified in system view for the VPN.
•
IP address of the outbound interface specified by the route.
•
To specify a source IP address for all RADIUS schemes:
Step
1.
Enter system view.
2.
Specify a source IP
address for outgoing
RADIUS packets.
To specify a source IP address for a specific RADIUS scheme:
Step
1.
Enter system view.
2.
Enter RADIUS scheme view.
3.
Specify a source IP address
for outgoing RADIUS packets.
Specifying a backup source IP address for outgoing RADIUS packets
In a stateful failover scenario, the active switch authenticates portal users by interacting with the RADIUS
server, and synchronizes its online portal user information to the standby switch through the backup link
established between them. The standby switch only receives and processes synchronization messages
from the active switch. However, when the active switch fails, the RADIUS server does not send RADIUS
packets to the standby switch because it does not know the IP address of the standby switch. To solve this
problem, configure the source IP address for outgoing RADIUS packets on each switch as the backup
source IP address for outgoing RADIUS packets on the other switch. With such configuration, the active
switch sends the source IP address for outgoing RADIUS packets that is configured on the standby switch
to the RADIUS server, so that the RADIUS server can send unsolicited RADIUS packets to the standby
switch.
You can specify a backup IP address for outgoing RADIUS packets in RADIUS scheme view for a specific
RADIUS scheme, or in system view for all RADIUS schemes whose servers are in the same VPN. Before
sending a RADIUS packet, a NAS selects a backup source IP address in the following order:
•
Backup source IP address specified for the RADIUS scheme.
Backup source IP address specified in system view for the VPN.
•
If no backup source IP address is specified in the views, the NAS sends no backup source IP address to
the server.
To specify a backup source IP address for all RADIUS schemes:
Command
system-view
radius nas-ip { ip-address |
ipv6 ipv6-address }
[ vpn-instance
vpn-instance-name ]
Command
system-view
radius scheme
radius-scheme-name
nas-ip { ip-address | ipv6
ipv6-address }
29
Remarks
N/A
By default, the IP address of the outbound
interface is used as the source IP address.
Remarks
N/A
N/A
By default, the IP address of the
outbound interface is used as the
source IP address.
Advertisement
Table of Contents
Troubleshooting
