HP StorageWorks Enterprise File Services WAN Accelerator 2.1.5 deployment guide (June 2006)

9 - RADIUS AND TACACS+ AUTHENTICATION
The directory /usr/local/share/freeradius is where the dictionary files are stored. This
is where RADIUS attributes can be defined. Assuming the vendor does not have an
established dictionary file in the FreeRADIUS distribution, you begin the process by
creating a file called: dictionary.<vendor>.
The contents of the dictionary.<vendor> file define a vendor identifier (which ought
to be the Structure of Management Information (SMI) Network Management Private
Enterprise Code of the Vendor), and the definitions for any vendor specific attributes.
In the following example, the Vendor Enterprise Number for HP is 17613 and the
Enterprise Local User Name Attribute is 1. These numbers specify that a given user is
an admin or monitor user in the RADIUS server (instead of using the HP EFS WAN
Accelerator's default for users not named admin and monitor).
These instructions assume you are running FreeRADIUS, v.1.0, which is available from
http://www.freeradius.org.
To install FreeRADIUS on a Linux computer
1. Download FreeRADIUS from http://www.freeradius.org.
2. At your system prompt, enter the following set of commands:
>tar xvzf freeradius-$VERSION.tar.gz
>cd freeradius-$VERSION
>./configure
>make
>make install #as root
To add acceptance requests on the RADIUS server
1. In a text editor, open the /usr/local/etc/raddb/clients.conf file.
2. To create the key for the RADIUS server, add the following text to the clients.conf
file:
client 10.0.0.0/16 {
    secret = testradius
    shortname = main-network
    nastype = other
}
The secret you specify here must also be specified in the HP EFS WAN
Accelerator when you set up RADIUS server support. For detailed information,
see the HP Enterprise File Services WAN Accelerator Management Console User
Guide.
3. In a text editor, create a /usr/local/share/freeradius/dictionary.rbt file for HP.
4. Add the following text to the dictionary.rbt file.
VENDOR RBT 17163
ATTRIBUTE Local-User 1 string RBT
5. Add the following line to the /usr/local/share/freeradius/dictionary:
$INCLUDE dictionary.rbt
6. Add users to the RADIUS server by editing the /usr/local/etc/raddb/users file. For
example:
"admin" Auth-Type := Local, User-Password == "radadmin"
        Reply-Message = "Hello, %u"
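The following Python sketch is an added example, not part of the HP guide or of FreeRADIUS: it shows how the vendor number and attribute number from dictionary.rbt end up on the wire as a RADIUS Vendor-Specific attribute (type 26, RFC 2865), and how a receiver can parse it with length checks. It uses the vendor number 17163 from the dictionary.rbt lines above (the introductory text gives 17613); the value "monitor" and the sample reply bytes are constructed for illustration.

```python
import struct

VENDOR_SPECIFIC = 26   # attribute type for vendor-specific data, RFC 2865 section 5.26
RBT_VENDOR_ID = 17163  # "VENDOR RBT 17163" in dictionary.rbt above
LOCAL_USER = 1         # "ATTRIBUTE Local-User 1 string RBT" above


def encode_local_user(role):
    """Build the Vendor-Specific attribute that carries Local-User = role."""
    value = role.encode("utf-8")
    if not 1 <= len(value) <= 247:  # 255 - 6 byte outer header - 2 byte inner header
        raise ValueError("Local-User value must be 1..247 bytes")
    inner = struct.pack("!BB", LOCAL_USER, 2 + len(value)) + value
    return struct.pack("!BBI", VENDOR_SPECIFIC, 6 + len(inner), RBT_VENDOR_ID) + inner


def decode_local_user(attrs):
    """Return the Local-User string from a packet's attribute bytes, or None.

    Raises ValueError on a length field that runs past the buffer, so a
    malformed reply is rejected instead of silently misread.
    """
    pos = 0
    while pos < len(attrs):
        if len(attrs) - pos < 2:
            raise ValueError("truncated attribute header")
        atype, alen = attrs[pos], attrs[pos + 1]
        if alen < 2 or pos + alen > len(attrs):
            raise ValueError("bad attribute length")
        body, pos = attrs[pos + 2:pos + alen], pos + alen
        if atype != VENDOR_SPECIFIC or len(body) < 6:
            continue
        if struct.unpack("!I", body[:4])[0] != RBT_VENDOR_ID:
            continue  # another vendor's attribute
        sub, i = body[4:], 0
        while i + 2 <= len(sub):
            vtype, vlen = sub[i], sub[i + 1]
            if vlen < 2 or i + vlen > len(sub):
                raise ValueError("bad vendor sub-attribute length")
            if vtype == LOCAL_USER:
                return sub[i + 2:i + vlen].decode("utf-8")
            i += vlen
    return None


# Constructed sample: Reply-Message (type 18) followed by Local-User = "monitor".
REPLY_MESSAGE = bytes([18, 14]) + b"Hello, admin"
SAMPLE_ATTRS = REPLY_MESSAGE + encode_local_user("monitor")

if __name__ == "__main__":
    print(encode_local_user("monitor").hex())
    print(decode_local_user(SAMPLE_ATTRS))
```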