Authentication And Authorization For Ssh Users By A Radius Server; Network Requirements; Configuration Procedure - HP MSR2000 Configuration Manual
Hide thumbs
Also See for MSR2000:
- Configuration manual (455 pages) ,
- Manual (73 pages) ,
- High availability configuration manual (91 pages)
Table of Contents
Advertisement
Authentication and authorization for SSH users by a
RADIUS server
Network requirements
As shown in
Configure the router to use the RADIUS server for SSH user authentication and authorization and add an
account with the username hello@bbb on the RADIUS server, so that the SSH user can log in to the router
and is authorized with the network-operator user role after login.
Set the shared keys for secure RADIUS communication to expert, and set the ports for authentication to
1812, respectively. Configure the router to include the domain name in the username sent to the RADIUS
server.
Figure 10 Network diagram
SSH user
192.168.1.58/24
Configuration procedure
1.
Configure the RADIUS server on IMC:
NOTE:
In this example, the RADIUS server runs on IMC PLAT 5.1 SP1 (E0202P05) and IMC UAM 5.1 (E0301).
# Add the router to the IMC Platform as an access device.
Log in to IMC, click the Service tab, and select User Access Manager > Access Device
Management > Access Device from the navigation tree. Then, click Add to configure an access
device as follows:
a.
Set the shared key for secure RADIUS communication to expert.
b.
Set the ports for authentication to 1812, respectively.
c.
Select the service type Device Management Service.
d.
Select the access device type HP.
e.
Select the access device from the device list or manually add the access device (with the IP
address 10.1.1.2).
f.
Leave the default settings for other parameters and click OK.
Figure
10, the RADIUS authentication and authorization server runs on IMC.
Eth1/2
10.1.1.2/24
Eth1/1
192.168.1.70/24
Router
RADIUS server
10.1.1.1/24
Internet
41
Advertisement
Table of Contents
Troubleshooting
