First, specify the IP address of the server from the global configuration mode
context:
Syntax: radius-server host [<A.B.C.D>| <hostname>]
Syntax: tacacs-server host [<A.B.C.D>| <hostname>]
You can enter either the server's IP address or its hostname. For example:
ProCurve(config)# radius-server host 10.2.3.4
You can specify more than one server. Depending on the type of server that
you specify, the router automatically creates a default group with the name
radius that includes all RADIUS servers, or with the name tacacs that includes
all TACACS+ servers.
You can also place select servers into a group. Use these two commands to
group RADIUS servers:
Syntax: aaa group server radius <groupname>
Syntax: server <A.B.C.D>
Use these two commands to group TACACS+ servers:
Syntax: aaa group server tacacs <groupname>
Syntax: server <A.B.C.D>
For example:
ProCurve(config)# aaa group server tacacs MyServers
ProCurve(config-sg-tacacs)# server 10.2.3.4
ProCurve(config-sg-tacacs)# server10.3.2.1
Configuring an AAA List. The Xauth server can search for remote VPN
users' usernames and passwords in three locations:
a RADIUS server's database
a TACACS+ server's database
the router's local username database
To inform the Xauth server where it should search, create an AAA list and
specify the database as an authentication method. You name the list and add
entries for the authentication method with the same global configuration
mode command. Refer to Table 8-17 for the command syntax for creating an
AAA list for Xauth.
Virtual Private Networks
Configuring a VPN Using IPSec
8-51