Radius Configuration Example - HP 830 Series Configuration Manual

Item
Username Format
Unit of Data Flows
Unit of Packets
Security Policy Server

RADIUS configuration example

Network requirements
As shown in
accounting (record the online duration of the Telnet user).
Configure RADIUS servers on IMC to use the default authentication and accounting ports.
•
Configure an account for the Telnet user.
Set the shared keys to abc for authentication and accounting exchanges between the switch and the
•
RADIUS server.
• Configure the switch to remove domain names from the usernames sent to the RADIUS server.
Figure 423 Network diagram
Configuration prerequisites
Enable the Telnet server function and configure the switch to implement AAA for Telnet users.
•
(Details not shown.)
Assign IP addresses to the interfaces. (Details not shown.)
•
Description
Select the format of usernames to be sent to the RADIUS server.
Typically, a username is in the format of userid@isp-name, of which isp-name
is used by the device to determine the ISP domain for the user. If a RADIUS
server (such as old RADIUS servers) does not accept a username that
contains an ISP domain name, you can configure the device to remove the
domain name of a username before sending it to the RADIUS server. Options
include:
•
•
Specify the unit for data flows sent to the RADIUS server:
•
•
•
•
Specify the unit for data packets sent to the RADIUS server:
•
•
•
•
Specify the IP address of the security policy server.
Figure 423, configure the switch to use the RADIUS server for user authentication and
With domain name—Configure the device to include the domain name in
a username.
Without domain name—Configure the device to remove any domain
name of a username.
Byte.
Kilo-byte.
Mega-byte.
Giga-byte.
One-packet.
Kilo-packet.
Mega-packet.
Giga-packet.
412