HP 3500yl Series Access Security Manual page 259

Syntax: aaa authentication <port-access <local |eap-radius | chap-radius> |
<mac-based | web-based <chap-radius | peap-mschapv2> [none |
authorized | server-group <group-name>] >>
Configures the primary authentication method for port-
access, MAC-based, or web-based access.
mac-based | web-based <chap-radius | peap-mschapv2>: Pass-
word authentication for web-based or MAC-based port access
to the switch. Use peap-mschapv2 when you want password
verification without requiring access to a plain text pass-
word; it is more secure. Default: chap-radius
port-access <local | eap-radius | chap-radius>: Configures local,
chap-radius (MD5), or eap-radius as the primary password
authentication method for port-access. The default primary
authentication is local. (Refer to the documentation for your
RADIUS server application.)
[none | authorized | server-group <group-name>]:
Syntax: aaa accounting <exec | network | system | commands | <start-stop | stop-
only> radius [server-group <group-name>]
Configures accounting type and how data will be sent to the
RADIUS server.
radius: Uses RADIUS protocol as accounting method.
server-group <group-name>: Specifies the server group to
use with RADIUS.
RADIUS Authentication, Authorization, and Accounting
Configuring the Switch for RADIUS Authentication
[ local | none | authorized ]: Provides options for
secondary authentication (default: none). Note
that for console access, secondary authentication
must be local if primary access is not local. This
prevents you from being locked out of the switch
in the event of a failure in other access methods.
none: No backup authentication method is used.
authorized: Allow access without authentication
server-group <group-name>: Specifies the server
group to use with RADIUS.
6-25