ProCurve 2900 - Page 9

To Next Page

To Previous Page

5 RADIUS Authentication and Accounting

Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3

Authentication Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3

Accounting Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4

RADIUS-Administered CoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4

Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5

Switch Operating Rules for RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6

General RADIUS Setup Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7

Configuring the Switch for RADIUS Authentication . . . . . . . . . . . . . 5-8

Outline of the Steps for Configuring RADIUS Authentication . . . . . . 5-9

1. Configure Authentication for the Access Methods

You Want RADIUS To Protect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10

2. Enable the (Optional) Access Privilege Option . . . . . . . . . . . . . . . . 5-13

3. Configure the Switch To Access a RADIUS Server . . . . . . . . . . . . 5-14

4. Configure the Switch’s Global RADIUS Parameters . . . . . . . . . . . 5-17

Local Authentication Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21

Controlling Web Browser Interface Access . . . . . . . . . . . . . . . . . . . . 5-22

Commands Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23

Enabling Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24

Displaying Authorization Information . . . . . . . . . . . . . . . . . . . . . . . . . 5-25

Configuring Commands Authorization on a RADIUS Server . . . . . . 5-25

Using Vendor Specific Attributes (VSAs) . . . . . . . . . . . . . . . . . . . 5-25

Example Configuration on Cisco Secure ACS for MS Windows 5-27

Example Configuration Using FreeRADIUS . . . . . . . . . . . . . . . . . 5-29

VLAN Assignment in an Authentication Session . . . . . . . . . . . . . . . . 5-31

Tagged and Untagged VLAN Attributes . . . . . . . . . . . . . . . . . . . . . . . . 5-32

Additional RADIUS Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-33

Configuring RADIUS Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-34

Operating Rules for RADIUS Accounting . . . . . . . . . . . . . . . . . . . . . . 5-35

Steps for Configuring RADIUS Accounting . . . . . . . . . . . . . . . . . . . . . 5-36

1. Configure the Switch To Access a RADIUS Server . . . . . . . . . 5-37

Related product manuals