HP procurve 2500 Manual Do Utilizador
117
Enhancements in Release F.04.08
Configuring RADIUS Authentication and Accounting
Configuring RADIUS Authentication and Accounting
Outline of the Steps for Configuring RADIUS Accounting
1.
Configure the switch for accessing a RADIUS server.
You can configure a list of up to three RADIUS servers (one primary, two backup). The switch
operates on the assumption that a server can operate in both accounting and authentication
mode. (Refer to the documentation for your RADIUS server application.)
operates on the assumption that a server can operate in both accounting and authentication
mode. (Refer to the documentation for your RADIUS server application.)
•
Use the same
radius-server host command that you would use to configure RADIUS
•
Provide the following:
–
A RADIUS server IP address.
–
Optional—a UDP destination port for authentication requests. Otherwise the switch
assigns the default UDP port (1812; recommended).
assigns the default UDP port (1812; recommended).
–
Optional—if you are also configuring the switch for RADIUS authentication, and
need a unique encryption key for use during authentication sessions with the
RADIUS server you are designating, configure a server-specific key. This key over-
rides the global encryption key you can also configure on the switch, and must match
the encryption key used on the specified RADIUS server. For more information, refer
to the "
need a unique encryption key for use during authentication sessions with the
RADIUS server you are designating, configure a server-specific key. This key over-
rides the global encryption key you can also configure on the switch, and must match
the encryption key used on the specified RADIUS server. For more information, refer
to the "
[key < key-string >]" parameter on page 109. (Default: null)
2.
Configure the types of accounting you want the switch to perform, and the controls for sending
accounting reports from the switch to the RADIUS server(s).
accounting reports from the switch to the RADIUS server(s).
•
Accounting types:
exec (page 115), network (page 115), or system (page 116)
•
Trigger for sending accounting reports to a RADIUS server:
At session start and
stop or only at session stop
3.
(Optional) Configure session blocking and interim updating options
•
Updating:
Periodically update the accounting data for sessions-in-progress
•
Suppress accounting:
Block the accounting session for any unknown user with no
username accesses the switch