Access Security Guide K/KA/KB.15.15
To exchange the positions of the addresses so that the server at 10.10.10.3 is the first choice and
the server at 10.10.10.1 is the last, perform the following:
1. Delete 10.10.10.3 from the list. This opens the third (lowest) position in the list.
2. Delete 10.10.10.1 from the list. This opens the first (highest) position in the list.
3. Re-enter 10.10.10.3. Because the switch places a newly entered address in the
highest-available position, this address becomes first in the list.
4. Re-enter 10.10.10.1. Because the only position open is the third position, this address becomes
last in the list.
Figure 142 Example of new RADIUS server search order
Using SNMP to view and configure switch authentication features
Beginning with software release K.12.xx, SNMP MIB object access is available for switch
authentication configuration (hpSwitchAuth) features. This means that the switches covered by this
guide allow, by default, manager-only SNMP read/write access to a subset of the authentication
MIB objects for the following features:
• number of primary and secondary login and enable attempts
• TACACS+ server configuration and status
• RADIUS server configuration
• selected 802.1X settings
• key management subsystem chain configuration
• key management subsystem key configuration
• OSPF interface authentication configuration
• local switch operator and manager usernames and passwords
With SNMP access to the hpSwitchAuth MIB enabled, a device with management access to the
switch can view the configuration for the authentication features listed above (excluding usernames,
passwords, and keys). Using SNMP sets, a management device can change the authentication
configuration (including changes to usernames, passwords and keys). Operator read/write access
to the authentication MIB is always denied.
180 RADIUS Authentication, Authorization, and Accounting