HP 5920 Series Fundamentals Configuration Guide

215 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Page #72 background image

Loading...

Page #72 background image

64

Configuration procedure

Make sure the settings on the switch and the RADIUS server match.

1. Configure the switch:

# Assign VLAN-interface 2 an IP address from the same subnet as the Telnet user.

<Switch> system-view

[Switch] interface vlan-interface 2

[Switch-Vlan-interface2] ip address 192.168.1.70 255.255.255.0

[Switch-Vlan-interface2] quit

# Assign VLAN-interface 3 an IP address from the same subnet as the RADIUS server.

[Switch] interface vlan-interface 3

[Switch-Vlan-interface3] ip address 10.1.1.2 255.255.255.0

[Switch-Vlan-interface3] quit

# Enable Telnet server.

[Switch] telnet server enable

# Enable scheme authentication on the user lines for Telnet users.

[Switch] line vty 0 63

[Switch-line-vty0-63] authentication-mode scheme

[Switch-line-vty0-63] quit

# Create the RADIUS scheme rad and enter its view.

[Switch] radius scheme rad

# Specify the primary server address 10.1.1.1 and the service port 1812 in the scheme.

[Switch-radius-rad] primary authentication 10.1.1.1 1812

# Set the shared key to expert in the scheme for the switch to authenticate to the server.

[Switch-radius-rad] key authentication simple expert

[Switch-radius-rad] quit

# Specify the scheme rad as the authentication and authorization schemes for the ISP domain bbb.

IMPORTANT:

Because RADIUS user authorization information is piggybacked in authentication responses, the

authentication and authorization methods must use the same RADIUS scheme.

[Switch] domain bbb

[Switch-isp-bbb] authentication login radius-scheme rad

[Switch-isp-bbb] authorization login radius-scheme rad

[Switch-isp-bbb] quit

# Create the feature group fgroup1.

[Switch] role feature-group name fgroup1

# Add the features arp and radius to the feature group.

[Switch-featuregrp-fgroup1] feature arp

[Switch-featuregrp-fgroup1] feature radius

[Switch-featuregrp-fgroup1] quit

# Create the user role role2.

[Switch] role name role2

# Configure rule 1 to permit the user role to use all commands available in ISP view.

[Switch-role-role2] rule 1 permit command system-view ; domain *

Table of Contents

Other manuals for HP 5920 Series

Command Reference607 pages

Configuration Guide424 pages

Installation Guide63 pages

Troubleshooting Guide52 pages

Fc And Fcoe Configuration Guide257 pages

Compliance And Safety Manual58 pages

Questions and Answers:

Need help?

Do you have a question about the HP 5920 Series and is the answer not in the manual?

HP 5920 Series Specifications

General

Brand	HP
Model	5920 Series
Category	Switch
Language	English

Related product manuals

Preview: HP 5920

Preview: HP HPE FlexFabric 5930

HP HPE FlexFabric 5930

Preview: HP HPE FlexFabric 5901 Series

HP HPE FlexFabric 5901 Series

Preview: HP 5300

Preview: HP 5120 series

Preview: HP 5400zl Series

HP 5400zl Series

Preview: HP 5130 EI series

HP 5130 EI series

Preview: HP 5500 EI series

HP 5500 EI series

Preview: HP 5120 SI Series

HP 5120 SI Series

Preview: HP FlexFabric 5700

HP FlexFabric 5700

HP ProCurve 5412ZL