EasyManua.ls Logo

HP 5120 SI Series

HP 5120 SI Series
385 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
21
Task Remarks
Specifying a source IP address for outgoing RADIUS packets Optional
Setting timers for controlling communication with RADIUS servers Optional
Configuring RADIUS accounting-on Optional
Specifying a security policy server Optional
Configuring interpretation of RADIUS class attribute as CAR
parameters
Optional
Enabling the RADIUS trap function Optional
Enabling the listening port of the RADIUS client Optional
Displaying and maintaining RADIUS Optional
Creating a RADIUS scheme
Before performing other RADIUS configurations, follow these steps to create a RADIUS scheme and enter
RADIUS scheme view:
To do… Use the command… Remarks
Enter system view system-view —
Create a RADIUS scheme and
enter RADIUS scheme view
radius scheme
radius-scheme-name
Required
No RADIUS scheme by default
NOTE:
A
RADIUS scheme can be referenced by multiple ISP domains at the same time.
Specifying the RADIUS authentication/authorization servers
You can specify one primary authentication/authorization server and up to 16 secondary
authentication/authorization servers for a RADIUS scheme. When the primary server is not available, a
secondary server is used, if any. In a scenario where redundancy is not required, specify only the
primary server.
In RADIUS, user authorization information is piggybacked in authentication responses sent to RADIUS
clients. It is neither allowed nor needed to specify a separate RADIUS authorization server.
You can enable the server status detection feature. With the feature, the switch periodically sends an
authentication request to check whether or not the target RADIUS authentication/authorization server is
reachable. If yes, the switch sets the status of the server to active. If not, the switch sets the status of the
server to block. This feature can promptly notify authentication modules of latest server status information.
For example, server status detection can work with the 802.1X critical VLAN feature, so that the switch
can trigger 802.1X authentication for users in the critical VLAN immediately on detection of a reachable
RADIUS authentication/authorization server.
Follow these steps to specify the RADIUS authentication/authorization servers:
To do… Use the command… Remarks
Enter system view system-view —
Enter RADIUS scheme view radius scheme radius-scheme-name —

Table of Contents

Other manuals for HP 5120 SI Series

Preview: Command Reference
Command Reference395 pages
Preview: Specification
Specification33 pages

Related product manuals