HP PROCURVE 6208M-SX Installation And Getting Started Manual: Setting Radius Parameters

Hewlett-packard switch user manual.
Hide thumbs
Installation and Getting Started Guide
The host <ip-addr> | <server-name> parameter is either an IP address or an ASCII text string.
The <auth-port> parameter is the Authentication port number; it is an optional parameter. The default is 1645.
The <acct-port> parameter is the Accounting port number; it is an optional parameter. The default is 1646.

Setting RADIUS Parameters

You can set the following parameters in a RADIUS configuration:
RADIUS key – This parameter specifies the value that the HP device sends to the RADIUS server when
trying to authenticate user access.
Retransmit interval – This parameter specifies how many times the HP device will resend an authentication
request when the RADIUS server does not respond. The retransmit value can be from 1 – 5 times. The
default is 3 times.
Timeout – This parameter specifies how many seconds the HP device waits for a response from a RADIUS
server before either retrying the authentication request, or determining that the RADIUS servers are
unavailable and moving on to the next authentication method in the authentication-method list. The timeout
can be from 1 – 15 seconds. The default is 3 seconds.
Setting the RADIUS Key
The key parameter in the radius-server command is used to encrypt RADIUS packets before they are sent over
the network. The value for the key parameter on the HP device should match the one configured on the RADIUS
server. The key can be from 1 – 32 characters in length.
To specify a RADIUS server key:
HP9300(config)# radius-server key mirabeau
Syntax: radius-server key <key-string>
Setting the Retransmission Limit
The retransmit parameter specifies the maximum number of retransmission attempts. When an authentication
request times out, the HP software will retransmit the request up to the maximum number of retransmissions
configured. The default retransmit value is 3 retries. The range of retransmit values is from 1 – 5.
To set the RADIUS retransmit limit:
HP9300(config)# radius-server retransmit 5
Syntax: radius-server retransmit <number>
Setting the Timeout Parameter
The timeout parameter specifies how many seconds the HP device waits for a response from the RADIUS server
before either retrying the authentication request, or determining that the RADIUS server is unavailable and moving
on to the next authentication method in the authentication-method list. The timeout can be from 1 – 15 seconds.
The default is 3 seconds.
HP9300(config)# radius-server timeout 5
Syntax: radius-server timeout <number>
Configuring Authentication-Method Lists for RADIUS
You can use RADIUS to authenticate Telnet/SSH access and access to Privileged EXEC level and CONFIG levels
of the CLI. When configuring RADIUS authentication, you create authentication-method lists specifically for these
access methods, specifying RADIUS as the primary authentication method.
Within the authentication-method list, RADIUS is specified as the primary authentication method and up to six
backup authentication methods are specified as alternates. If RADIUS authentication fails due to an error, the
device tries the backup authentication methods in the order they appear in the list.
3 - 36

Advertising

   Related Manuals for HP PROCURVE 6208M-SX

Comments to this Manuals

Symbols: 0
Latest comments: