EasyManuals Logo

HP 3600 v2 Series Security Configuration Guide

HP 3600 v2 Series
398 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #187 background imageLoading...
Page #187 background image
176
# Configure the server type for the RADIUS scheme. When using the iMC server, configure the RADIUS
server type as extended.
[SwitchA-radius-rs1] server-type extended
# Specify the primary authentication server and primary accounting server, and configure the keys for
communication with the servers.
[SwitchA-radius-rs1] primary authentication 192.168.0.111
[SwitchA-radius-rs1] primary accounting 192.168.0.111
[SwitchA-radius-rs1] key authentication expert
[SwitchA-radius-rs1] key accounting expert
# Configure the access device to not carry the ISP domain name in the username sent to the RADIUS
server. (Optional, configure the username format as needed.)
[SwitchA-radius-rs1] user-name-format without-domain
[SwitchA-radius-rs1] quit
• Configure an authentication domain
# Create ISP domain dm1 and enter its view.
[SwitchA] domain dm1
# Configure AAA methods for the ISP domain.
[SwitchA-isp-dm1] authentication portal radius-scheme rs1
[SwitchA-isp-dm1] authorization portal radius-scheme rs1
[SwitchA-isp-dm1] accounting portal radius-scheme rs1
[SwitchA-isp-dm1] quit
# Configure domain dm1 as the default ISP domain for all users. Then, if a user enters a username
without any ISP domain at logon, the authentication and accounting methods of the default domain are
used for the user.
[SwitchA] domain default enable dm1
• Enable portal authentication on the interface connecting the host
# Configure a portal server on the switch, making sure that the IP address, port number and URL match
those of the actual portal server.
[SwitchA] portal server newpt ip 192.168.0.111 key portal port 50100 url
http://192.168.0.111:8080/portal
# Enable portal authentication on the interface connecting the host.
[SwitchA] interface vlan-interface 10
[SwitchA–Vlan-interface10] portal server newpt method layer3
# Specify the source IP address of outgoing portal packets as 9.9.1.1, the virtual IP address of VRRP group
1.
[SwitchA–Vlan-interface10] portal nas-ip 9.9.1.1
• Configure portal stateful failover
# Assign interface VLAN-interface 10 to portal group 1.
[SwitchA–Vlan-interface10] portal backup-group 1
[SwitchA–Vlan-interface10] quit
# Set the device ID for Switch A in stateful failover mode to 1.
[SwitchA] nas device-id 1
# Specify the source IP address of outgoing RADIUS packets as 192.168.0.1, the virtual IP address of
VRRP group 2.

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages
Preview: Configuration Guide
Configuration Guide449 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals