Manualshelf

McDATA 4Gb SAN Switch for HP p-Class BladeSystem User Guide (AA-RW20B-TE, December 2005)

ManualsBrandsHP ManualsSoftwareHP Open Trunking for Edge Switch 2/32 PFE
61626364656667686970
66 Managing switches
Configuring RADIUS servers
A RADIUS server authenticates users and devices using a challenge/response protocol over a secure SSL
connection. Basic implementations consist of a central RADIUS server containing a database of authorized
users as well as authentication information. A RADIUS client wishing to verify the authenticity of a user
issues a challenge to the user and collects the response to the challenge. This information is forwarded to
the RADIUS server for authentication and the server responds with the results, either an accept or reject.
The RADIUS client does not need to be configured with any user authentication information, this all resides
on the RADIUS server and can be managed centrally and separately from the clients. In addition, no
passwords are exchanged between the RADIUS server and its clients. Authentication of requests from a
RADIUS client to the server and responses from the server to a client can also be authenticated. This
requires sharing a secret between the server and client.
The accounting RADIUS supports the auditing of the users and switch services such as Telnet, FTP, and
switch management applications. The RADIUS Accounting Server enables (True) or disables (False) the
auditing of activity during a user session. The default is False. When enabled, user activity is audited
whether UserAuthServer is enabled or not. The accounting server UDP port number is the ServerUDPPort
value plus 1 (default 1813).
Configuring RADIUS servers involves the following tasks:
Adding a RADIUS server, page 66
Removing a RADIUS server, page 67
Editing RADIUS server information, page 68
Modifying RADIUS server authentication order, page 69
Adding a RADIUS server
A RADIUS server provides a method to centralize user and device authentication over a network.
Figure 29 RADIUS Server Information dialog—Add Server tab page
To add a RADIUS server, perform the following procedure:
1. Select Switch > Radius Servers in the faceplate display. The Radius Servers ... option will not be
available unless the SSL service is enabled. See Configuring system services, page 83 for information
about enabling the SSL service.
2. Click the Add Server tab in the Radius Server Information dialog shown in Figure 29.
3. Select Device, User, or Account for the server type.
4. Enter the remote IP address of the server in the IP Address field.