7 Configuring RADIUS Server Support for Switch Services
Overview
RADIUS Client and Server Requirements
Optional PCM and IDM Network Management Applications
RADIUS Server Configuration for CoS (802.1p Priority) and Rate-Limiting
Applied Rates for RADIUS-Assigned Rate Limits
Viewing the Currently Active Per-Port CoS and Rate-Limiting Configuration Specified by a RADIUS Server
Configuring and Using Dynamic (RADIUS-Assigned) Access Control Lists
Introduction
Terminology
Overview of RADIUS-Assigned, Dynamic ACLs
Traffic Applications
Contrasting RADIUS-Assigned and Static ACLs
How a RADIUS Server Applies a RADIUS-Assigned ACL to a Client on a Switch Port
General ACL Features, Planning, and Configuration
The Packet-filtering Process
Operating Rules for RADIUS-Assigned ACLs
Configuring an ACL in a RADIUS Server
Nas-Filter-Rule-Options
ACE Syntax in RADIUS Servers
Example Using the Standard Attribute (92) In an IPv4 ACL
Example Using HP VSA 63 To Assign IPv6 and/or IPv4 ACLs
Example Using HP VSA 61 To Assign IPv4 ACLs
To configure the above ACL, you would enter the username/password and ACE information shown in figure 7-11 into the FreeRADIUS “users” file.
Configuration Notes
Configuring the Switch To Support RADIUS-Assigned ACLs
Displaying the Current RADIUS-Assigned ACL Activity on the Switch