HP Q.11.XX Manual page 113

Procurve 2510 series switches
Table of Contents

Advertisement

Syntax: aaa authentication < console | telnet | ssh | web > < enable | login > < radius >
ProCurve(config)# aaa authentication telnet login radius none
ProCurve(config)# aaa authentication telnet enable radius none
ProCurve(config)# aaa authentication ssh login radius none
ProCurve(config)# aaa authentication ssh enable radius none
ProCurve(config)# show authentication
Status and Counters - Authentication Information
Login Attempts : 3
Respect Privilege : Disabled
| Login
Access Task | Primary
----------- + ---------- ---------- ---------- ----------
Console
| Local
Telnet
| Radius
Port-Access | Local
Webui
| Local
SSH
| Radius
Figure 5-2. Example Configuration for RADIUS Authentication
Note
Configures RADIUS as the primary password authentication
method for console, Telnet, SSH and/or the Web browser interface.
(The default primary < enable | login > authentication is local.)
[< local | none >]
Provides options for secondary authentication (default:
none). Note that for console access, secondary authenti-
cation must be local if primary access is not local. This
prevents you from being completely locked out of the
switch in the event of a failure in other access methods.
For example, suppose you have already configured local passwords on the
switch, but want to use RADIUS to protect primary Telnet and SSH access
without allowing a secondary Telnet or SSH access option (which would be
the switch's local passwords):
Login
Secondary
None
None
None
None
In the above example, if you configure the Login Primary method as local
instead of radius (and local passwords are configured on the switch), then you
can gain access to either the Operator or Manager level without encountering
the RADIUS authentication specified for Enable Primary. Refer to "Local
Authentication Process" on page 5-16.
RADIUS Authentication, Authorization and Accounting
Configuring the Switch for RADIUS Authentication
Enable
Enable
Primary
Secondary
Local
None
Radius
None
Local
None
Radius
None
The switch now
allows Telnet and
SSH authentication
only through
RADIUS.
5-9

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

U.11.xxProcurve 2510-24Procurve 2510-48

Table of Contents