Wireless Edge Services xl Module Release Notes WS.02.27
Table Of Contents
- Release Notes: Version WS.02.27 Software for the ProCurve Wireless Edge Services xl Module (J9001A) and the ProCurve Redundant Wireless Services xl Module (J9003A)
- Copyright and Disclaimers
- Contents
- Software Management
- Support Notes
- Release WS.02.07
- Reconfigure Management Passwords After a Software Update from Version WS.01.xx to Version WS.02.xx
- Accessing the Web Browser Interface After a Software Update from Version WS.01.xx to Version WS.02.xx
- Configuring Authentication for Web-Users
- Special Characters for the ACL ID Field
- Correction: SNMP v3 Default Password
- Correction: Stations per Radio
- Correction: Stations per Module in a Layer 3 Mobility Domain
- Correction: Disabling TKIP Countermeasures
- Clarification: Setting Intrusion Detection with TKIP Countermeasures
- Release WS.02.07
- Enhancements
- Software Fixes
- Known Software Issues and Limitations
- Back Cover
14
Support Notes
Release WS.02.07
Configuring Authentication for Web-Users
Note
Use this section to supplement the information in the chapter “Configuring the ProCurve Wireless
Edge Services xl Module” of the Management and Configuration Guide (5013-5912, May 2007).
Instead of (or in addition to) using the local list to authenticate users, you can use a RADIUS server.
If the RADIUS server authenticates a user, that user has the rights configured on the RADIUS
database.
Make sure that the configuration on the RADIUS server meets these requirements:
■ The user’s password is at least 8 characters.
SNMP v3 requires a password of at least this length. Your RADIUS server, however, may or may
not enforce such a requirement. (For example, the Wireless Edge Services xl Module’s internal
server does not.) Check the accounts for users that need management access to the module and,
if necessary, set a new password of the correct length.
■ The RADIUS server supports vendor specific attributes (VSAs).
For the RADIUS server to properly authorize the management user, you must set two VSAs in
the policy that the RADIUS server uses to authenticate the user. Table 3 shows the proper values
for the “HP-Management-Protocol” and the “HP-Management-Role” attributes.
Table 1. VSAs for Authorizing Management Users
Attribute Type Length Vendor ID Vendor Type Vendor
Length
Format Vendor Value
Decimal Format
HP-Management-
Protocol
26 12 11
(HP)
4
(HP-Management-
Protocol)
6 Decimal 5 = HTTP
6 = HTTPS
HP-Management-
Role
26 12 11 1
(HP-Management-
Role)
6 Decimal 1 = SuperUser
2 = Monitor
16 = HelpDesk
Manager
17 = Network Admin-
istrator
18 = System Adminis-
trator
19 = WebUser Admin-
istrator