EasyManuals Logo

HPE FlexNetwork 5510 HI Series Security Configuration Guide

HPE FlexNetwork 5510 HI Series
551 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #61 background imageLoading...
Page #61 background image
48
Enabling the session-control feature
A RADIUS server running on IMC can use session-control packets to inform disconnect or dynamic
authorization change requests. This task enables the device to receive RADIUS session-control
packets on UDP port 1812.
To enable the session-control feature:
Step
Command
Remarks
1. Enter system view.
system-view
N/A
2. Enable the session-control
feature.
radius session-control enable
By default, the session-control
feature is disabled.
Setting the maximum number of concurrent login
users
Perform this task to set the maximum number of concurrent users who can log on to the device
through a specific protocol, regardless of their authentication methods. The authentication methods
include no authentication, local authentication, and remote authentication.
To set the maximum number of concurrent login users:
Step
Command
Remarks
1. Enter system view.
system-view
N/A
2. Set the maximum number of
concurrent login users.
• In non-FIPS mode:
aaa session-limit { ftp | http
| https | ssh | telnet }
max-sessions
• In FIPS mode:
aaa session-limit { https |
ssh } max-sessions
By default, the maximum number
of concurrent login users is 32 for
each user type.
Configuring a NAS-ID profile
By default, the device sends its device name in the NAS-Identifier attribute of all RADIUS requests.
A NAS-ID profile enables you to send different NAS-Identifier attribute strings in RADIUS requests
from different VLANs. The strings can be organization names, service names, or any user
categorization criteria, depending on the administrative requirements.
For example, map the NAS-ID companyA to all VLANs of company A. The device will send
companyA in the NAS-Identifier attribute for the RADIUS server to identify requests from any
Company A users.
You can apply a NAS-ID profile to portal- or port security-enabled interfaces. For more information,
see "Configuring portal authentication" and "Configuring port security."
A NAS-ID can be bound with more than one VLAN, but a VLAN can be bound with only one NAS-ID.
To configure a NAS-ID profile:

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Preview: Configuration Guide
Configuration Guide572 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide209 pages
Preview: Layer 3 - Ip Routing Configuration Guide
Layer 3 - Ip Routing Configuration Guide486 pages
Preview: Network Management And Monitoring Configuration Guide
Network Management And Monitoring Configuration Guide331 pages
Preview: Macsec Configuration Guide
Macsec Configuration Guide27 pages
Preview: Acl And Qos Configuration Guide
Acl And Qos Configuration Guide114 pages
Preview: Mpls Configuration Guide
Mpls Configuration Guide505 pages
Preview: Openflow Configuration Guide
Openflow Configuration Guide39 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork 5510 HI Series and is the answer not in the manual?

HPE FlexNetwork 5510 HI Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork 5510 HI Series
CategorySwitch
LanguageEnglish

Related product manuals