HP 10500 Series Configuration Manual page 356

server, 125
server (IMC PLAT 5.0) configuration, 143, 158
server detection configuration, 157
setting max number online users, 135
specifying auto redirect URL for users, 138
specifying domain, 136
specifying outgoing packet source IP address, 138
specifying server, 133
support for EAP, 127
support for EAP process, 130
system components, 124
troubleshooting, 165
troubleshooting inconsistent keys on access device
and portal server, 165
troubleshooting incorrect server port number on
access device, 165
user information synchronization configuration,
157
verifying cross-subnet
authentication configuration, 164
power-up self-test
cryptographic engine, 295
software cryptographic algorithm, 295
probe (MFF), 276
procedure
applying IPsec policy, 309
applying QoS policy, 189
authentication (802.1X), 76
configuring 802.1X ACL assignment, 103
configuring 802.1X authentication trigger function,
91
configuring 802.1X Auth-Fail VLAN, 95
configuring 802.1X critical VLAN, 96
configuring 802.1X guest VLAN, 94, 101
configuring 802.1X
function, 89
configuring 802.1X quiet timer, 92
configuring 802.1X VLAN assignment, 101
configuring AAA, 47
configuring AAA for portal users by RADIUS server,
52
configuring AAA for RADIUS server 802.1X user,
60
configuring AAA local user, 16
configuring AAA local user attributes, 17
configuring AAA method for ISP domain, 38
configuring AAA user group attributes, 19
configuring ACL for IPsec, 303
configuring ARP attack protection, 251
configuring ARP
acknowledgement, 256
across VPNs
online user handshake
attack protection
configuring
unresolvable IP attack, 252, 253
configuring ARP attack protection source MAC
address-based detection, 254, 255
configuring
suppression, 252
configuring ARP attack protection user validity and
packet validity checks, 261
configuring ARP attack protection user validity
check, 257, 259
configuring ARP automatic scanning, 264, 265
configuring ARP detection, 257
configuring ARP packet validity check, 258
configuring ARP restricted forwarding, 259, 262
configuring authentication source subnet, 135
configuring auto-mode MFF in ring network, 278
configuring auto-mode MFF in tree network, 277
configuring cross-subnet across VPNs portal
portal authentication, 163
configuring cross-subnet portal authentication, 149
configuring cross-subnet portal authentication with
extended functions, 155
configuring device as SSH SCP client, 215
configuring device as SSH SFTP client, 212
configuring direct portal authentication, 142
configuring direct portal authentication with
extended functions, 151
configuring EAD fast deployment, 106, 108
configuring FIPS, 296
configuring fixed ARP (ARP attack protection), 264,
265
configuring for HWTACACS server Telnet user
(AAA), 47
configuring free IP (EAD fast deployment), 106
configuring
authentication for Telnet user, 66
configuring IKE, 323
configuring IKE DPD detector, 322
configuring IKE keepalive timers, 321
configuring IKE local security gateway name, 318
configuring IKE NAT keepalive timer, 321
configuring IKE peer, 319
configuring IKE proposal, 318
configuring IP source guard, 236, 243
configuring IPsec, 302
configuring IPsec anti-replay, 310
configuring IPsec policy using IKE, 307
configuring IPsec session idle timeout, 309
configuring IPsec transform set, 304
active configuring IPsec tunnel using IKE, 312
configuring IPv4 source guard, 238
346
ARP attack protection
ARP attack protection
HWTACACS level
against
source
switching