Using An External Radius Server; Configuring A Radius Client Profile On The Ap - HP MSM3xx Management And Configuration Manual

Msm3 series/msm4 series

Hide thumbs Also See for MSM3xx:

Reference manual (114 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

page of 210

/ 210
Contents
Table of Contents
Bookmarks

Table of Contents

Security

Using an external RADIUS server

The AP can use one or more external RADIUS servers to perform a number of authentication

and configuration tasks, including the tasks shown in the table below.

Task

Validating administrator login

credentials.

Validating user login credentials for

WPA, 802.1X, or MAC-based

authentication types on non-access-

controlled VSCs.

Retrieving RADIUS attributes on a

per-user basis on non-access-

controlled VSCs.

Storing accounting information for

each user on non-access-controlled

VSCs.

Note



On VSCs that have the Use HP MSM controller option enabled (creating an access-

controlled VSC), see the MSM7xx Controllers Management and Configuration Guide

for details on how user authentication is configured.



When a VSC has the Use HP MSM controller option disabled (creating a non-access-

controlled VSC), an external RADIUS server can be used to validate user credentials for

WPA, 802.1X, or MAC-based authentication as described in this section.

Configuring a RADIUS client profile on the AP

The AP enables you to define up to 16 RADIUS profiles. Each profile defines the settings for a

RADIUS client connection. To support a client connection, you must create a client account

on the RADIUS server. The settings for this account must match the profile settings you

define on the AP.

For backup redundancy, each profile supports a primary and secondary server.

The AP can function with any RADIUS server that supports RFC 2865 and RFC 2866.

Authentication occurs via authentication types such as: EAP-MD5, CHAP, MSCHAP v1/v2,

LEAP, PAP, EAP-TLS, EAP-TTLS, EAP-PEAP. EAP-SIM, EAP-AKA, EAP-FAST, and EAP-GTC.

Note

If you change a RADIUS profile to connect to a different server while users are active, all

RADIUS traffic for active user sessions is immediately sent to the new server.

6-2

For more information see

Authenticating administrative credentials using

an external RADIUS server on page

Wireless protection on page

MAC-based authentication on page

Configuring user accounts on a RADIUS server on

page

6-5.

Accounting support is enabled under

protection on page 4-16

authentication on page

2-4.

4-16.

4-19.

Wireless

MAC-based

4-19.

Table of Contents

Show Quick Links

Hide quick links:

Chapters

Table of Contents

This manual is also suitable for:

Msm4xx Msm310 Msm310-r Msm320 Msm320-r Msm325 ... Show all

Using An External Radius Server; Configuring A Radius Client Profile On The Ap - HP MSM3xx Management And Configuration Manual

Using an external RADIUS server

Configuring a RADIUS client profile on the AP

Hide quick links:

Chapters

Related Manuals for HP MSM3xx

Related Content for HP MSM3xx

This manual is also suitable for:

Table of Contents