Table Of Contents - HP 5920 Series Configuration Manual
Hide thumbs
Also See for 5920 Series:
- Command reference manual (607 pages) ,
- Configuration manual (424 pages) ,
- Fc and fcoe configuration manual (257 pages)
Table of Contents
Advertisement
Contents
Configuring AAA ························································································································································· 1
Overview ············································································································································································ 1
RADIUS ······································································································································································ 2
HWTACACS ····························································································································································· 7
LDAP ·········································································································································································· 9
AAA implementation on the device ····················································································································· 11
AAA for MPLS L3VPNs ········································································································································· 13
Protocols and standards ······································································································································· 13
RADIUS attributes ·················································································································································· 13
AAA configuration considerations and task list ·········································································································· 16
Configuring AAA schemes ············································································································································ 17
Configuring local users ········································································································································· 18
Configuring RADIUS schemes ······························································································································ 21
Configuring HWTACACS schemes ····················································································································· 29
Configuring LDAP schemes ·································································································································· 35
Configuring AAA methods for ISP domains ················································································································ 38
Configuration prerequisites ·································································································································· 39
Creating an ISP domain ······································································································································· 39
Configuring ISP domain attributes ······················································································································· 39
Configuring authentication methods for an ISP domain ··················································································· 40
Configuring authorization methods for an ISP domain ····················································································· 41
Configuring accounting methods for an ISP domain ························································································· 42
Displaying and maintaining AAA ································································································································ 43
AAA for SSH users by an HWTACACS server ··········································································································· 43
Network requirements ··········································································································································· 43
Configuration procedure ······································································································································ 44
Local authentication, HWTACACS authorization, and RADIUS accounting for SSH users ··································· 45
Network requirements ··········································································································································· 45
Configuration procedure ······································································································································ 45
Authentication and authorization for SSH users by a RADIUS server ······································································ 46
Network requirements ··········································································································································· 46
Configuration procedure ······································································································································ 47
Authentication for SSH users by an LDAP server ········································································································ 50
Network requirements ··········································································································································· 50
Configuration procedure ······································································································································ 50
Troubleshooting RADIUS ··············································································································································· 54
RADIUS authentication failure ······························································································································ 54
RADIUS packet delivery failure ···························································································································· 54
RADIUS accounting error ····································································································································· 55
Troubleshooting HWTACACS ······································································································································ 55
Troubleshooting LDAP ···················································································································································· 55
802.1X overview ······················································································································································· 57
802.1X architecture ······················································································································································· 57
Controlled/uncontrolled port and port authorization status ······················································································ 57
802.1X-related protocols ·············································································································································· 58
Packet formats ························································································································································ 59
EAP over RADIUS ·················································································································································· 60
Initiating 802.1X authentication ··································································································································· 60
i
Advertisement
Table of Contents
Troubleshooting
