HP's Vendor-ID is 11, with Vendor-Type 1. The following table describes the HP vendor-specific attributes.
Identifying the RADIUS Server to the HP Device
To use a RADIUS server to authenticate access to an HP device, you must identify the server to the HP device.
HP9300(config)# radius-server host 188.8.131.52
Syntax: radius-server host <ip-addr> | <server-name> [auth-port <number> acct-port <number>]
Table 3.4: HP vendor-specific attributes for RADIUS
Specifies the privilege level for the user.
This attribute can be set to one of the
Super User level – Allows complete
read-and-write access to the system.
This is generally for system
administrators and is the only
management privilege level that
allows you to configure passwords.
Port Configuration level – Allows read
and-write access for specific ports but
not for global (system-wide)
Read Only level – Allows access to
the Privileged EXEC mode and
CONFIG mode of the CLI but only
with read access.
Specifies a list of CLI commands that are
permitted or denied to the user when
RADIUS authorization is configured.
The commands are delimited by semi
ou can specify an asterisk (*)
as a wildcard at the end of a command
For example, the following command list
specifies all show and debug ip
commands, as well as the write terminal
show *; debug ip *; write term*
Specifies whether the commands indicated
by the hp-command-string attribute are
permitted or denied to the user.
attribute can be set to one of the following:
Permit execution of the commands
indicated by hp-command-string, deny
all other commands.
Deny execution of the commands
indicated by hp-command-string,
permit all other commands.
3 - 35